From 7250cccd2627ff56d8c20f487fae3d2c31fd605b Mon Sep 17 00:00:00 2001
From: Theodore Tso <tytso@mit.edu>
Date: Thu, 21 Dec 1995 23:39:16 +0000
Subject: In the case of FCC_OPEN_AND_ERASE, unlink the old filename, and then
 add the O_EXCL open flag, to prevent O_CREAT from following a symbolic link.

git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@7243 dc483132-0cff-0310-8789-dd5450dbe970
---
 src/lib/krb5/ccache/file/ChangeLog   | 7 +++++++
 src/lib/krb5/ccache/file/fcc_maybe.c | 3 ++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/src/lib/krb5/ccache/file/ChangeLog b/src/lib/krb5/ccache/file/ChangeLog
index f8b2527918..3a2cba8334 100644
--- a/src/lib/krb5/ccache/file/ChangeLog
+++ b/src/lib/krb5/ccache/file/ChangeLog
@@ -1,3 +1,10 @@
+Thu Dec 21 18:28:09 1995  Theodore Y. Ts'o  <tytso@dcl>
+
+	* fcc_maybe.c (krb5_fcc_open_file): In the case of
+		FCC_OPEN_AND_ERASE, unlink the old filename, and then add
+		the O_EXCL open flag, to prevent O_CREAT from following a
+		symbolic link.
+
 Fri Oct  6 22:03:16 1995  Theodore Y. Ts'o  <tytso@dcl>
 
 	* Makefile.in: Remove ##DOS!include of config/windows.in.
diff --git a/src/lib/krb5/ccache/file/fcc_maybe.c b/src/lib/krb5/ccache/file/fcc_maybe.c
index 30657b29d6..622302a125 100644
--- a/src/lib/krb5/ccache/file/fcc_maybe.c
+++ b/src/lib/krb5/ccache/file/fcc_maybe.c
@@ -229,7 +229,8 @@ krb5_fcc_open_file (context, id, mode)
      data->mode = mode;
      switch(mode) {
      case FCC_OPEN_AND_ERASE:
-	 open_flag = O_CREAT|O_TRUNC|O_RDWR;
+	 unlink(data->filename);
+	 open_flag = O_CREAT|O_EXCL|O_TRUNC|O_RDWR;
 	 break;
      case FCC_OPEN_RDWR:
 	 open_flag = O_RDWR;
-- 
cgit