diff options
| author | Andrew Tridgell <tridge@samba.org> | 1996-10-04 09:31:07 +0000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 1996-10-04 09:31:07 +0000 |
| commit | 5aa735c940ccdb6acae5f28449d484181c912e49 (patch) | |
| tree | 9f8713157bb6201a3079b018efed36e9bbfbeb6c /source/smbd/server.c | |
| parent | 53a4b8769e25c65fa6ab0f532e30630adf6f2056 (diff) | |
| download | samba-5aa735c940ccdb6acae5f28449d484181c912e49.tar.gz samba-5aa735c940ccdb6acae5f28449d484181c912e49.tar.xz samba-5aa735c940ccdb6acae5f28449d484181c912e49.zip | |
- changed the umask handling. We now set the umask to 0 and explicitly
set the mode on all created files. I think this is a better policy.
- change the debug levels on some items
- fix a charset handling bug which affected foreign and extended
charset users
- no longer switch back to the original directory when idle, instead
switch to / as the original directory may not be readable by ordinary
users.
- fix some bugs where the create mode of files was not being
explicitly set (it was relying on the umask and using fopen). Not a
big bug as it only affected obscure commands like the messaging ops.
- got rid of the lock code in the lpq cache as its no longer needed
- rewrote smbrun to be faster and to remove the security hole. We now
don't actually need a external smbrun binary, its all done by smbd.
- add a more explicit warning about uids and gids of -1 or 65535
Diffstat (limited to 'source/smbd/server.c')
| -rw-r--r-- | source/smbd/server.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/source/smbd/server.c b/source/smbd/server.c index 0e0a524f166..a710aef69bb 100644 --- a/source/smbd/server.c +++ b/source/smbd/server.c @@ -567,7 +567,7 @@ int disk_free(char *path,int *bsize,int *dfree,int *dsize) sprintf(syscmd,"%s %s",df_command,path); standard_sub_basic(syscmd); - ret = smbrun(syscmd,outfile); + ret = smbrun(syscmd,outfile,False); DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret)); { @@ -923,7 +923,7 @@ static void check_magic(int fnum,int cnum) sprintf(magic_output,"%s.out",fname); chmod(fname,0755); - ret = smbrun(fname,magic_output); + ret = smbrun(fname,magic_output,False); DEBUG(3,("Invoking magic command %s gave %d\n",fname,ret)); unlink(fname); } @@ -2096,7 +2096,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de strcpy(cmd,lp_rootpreexec(SNUM(cnum))); standard_sub(cnum,cmd); DEBUG(5,("cmd=%s\n",cmd)); - smbrun(cmd,NULL); + smbrun(cmd,NULL,False); } if (!become_user(cnum,pcon->uid)) @@ -2149,7 +2149,7 @@ int make_connection(char *service,char *user,char *password, int pwlen, char *de pstring cmd; strcpy(cmd,lp_preexec(SNUM(cnum))); standard_sub(cnum,cmd); - smbrun(cmd,NULL); + smbrun(cmd,NULL,False); } /* we've finished with the sensitive stuff */ @@ -2629,7 +2629,7 @@ void close_cnum(int cnum, int uid) pstring cmd; strcpy(cmd,lp_postexec(SNUM(cnum))); standard_sub(cnum,cmd); - smbrun(cmd,NULL); + smbrun(cmd,NULL,False); unbecome_user(); } @@ -2640,7 +2640,7 @@ void close_cnum(int cnum, int uid) pstring cmd; strcpy(cmd,lp_rootpostexec(SNUM(cnum))); standard_sub(cnum,cmd); - smbrun(cmd,NULL); + smbrun(cmd,NULL,False); } Connections[cnum].open = False; @@ -2764,8 +2764,10 @@ BOOL claim_connection(int cnum,char *name,int max_connections,BOOL Clear) if (!file_exist(fname,NULL)) { + int oldmask = umask(022); f = fopen(fname,"w"); if (f) fclose(f); + umask(oldmask); } total_recs = file_size(fname) / sizeof(crec); @@ -3617,7 +3619,9 @@ static void usage(char *pname) fault_setup(exit_server); - umask(0777 & ~DEF_CREATE_MASK); + /* we want total control over the permissions on created files, + so set our umask to 0 */ + umask(0); init_uid(); |