summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2012-10-26 14:22:07 +1100
committerAndrew Bartlett <abartlet@samba.org>2012-10-26 17:26:21 +1100
commite146fe5ef96c1522175a8e81db15d1e8879e5652 (patch)
treec1caf50b1fc9931b9dfeda83804f0b261da7753c
parent728e56b4636b668aaac60ec557d6fe16b530a6f9 (diff)
downloadsamba-e146fe5ef96c1522175a8e81db15d1e8879e5652.tar.gz
pysmbd: Set umask to 0 during smbd operations
-rw-r--r--source3/smbd/pysmbd.c43
1 files changed, 34 insertions, 9 deletions
diff --git a/source3/smbd/pysmbd.c b/source3/smbd/pysmbd.c
index 9de26291d2..5e8691a8f0 100644
--- a/source3/smbd/pysmbd.c
+++ b/source3/smbd/pysmbd.c
@@ -43,6 +43,7 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
connection_struct *conn;
NTSTATUS status = NT_STATUS_OK;
int ret;
+ mode_t saved_umask;
conn = talloc_zero(NULL, connection_struct);
if (conn == NULL) {
@@ -56,6 +57,10 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
conn->params->service = -1;
set_conn_connectpath(conn, "/");
@@ -69,6 +74,8 @@ static NTSTATUS set_sys_acl_no_snum(const char *fname,
"returned zero.\n"));
}
+ umask(saved_umask);
+
conn_free(conn);
return status;
@@ -83,9 +90,16 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
files_struct *fsp;
struct smb_filename *smb_fname = NULL;
int flags;
+ mode_t saved_umask;
+
+ if (!posix_locking_init(false)) {
+ TALLOC_FREE(frame);
+ return NT_STATUS_NO_MEMORY;
+ }
conn = talloc_zero(frame, connection_struct);
if (conn == NULL) {
+ TALLOC_FREE(frame);
DEBUG(0, ("talloc failed\n"));
return NT_STATUS_NO_MEMORY;
}
@@ -96,15 +110,6 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
return NT_STATUS_NO_MEMORY;
}
- conn->params->service = -1;
-
- set_conn_connectpath(conn, "/");
-
- smbd_vfs_init(conn);
- if (!posix_locking_init(false)) {
- return NT_STATUS_NO_MEMORY;
- }
-
fsp = talloc_zero(frame, struct files_struct);
if (fsp == NULL) {
TALLOC_FREE(frame);
@@ -117,10 +122,21 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
}
fsp->conn = conn;
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
+ conn->params->service = -1;
+
+ set_conn_connectpath(conn, "/");
+
+ smbd_vfs_init(conn);
+
status = create_synthetic_smb_fname_split(fsp, fname, NULL,
&smb_fname);
if (!NT_STATUS_IS_OK(status)) {
TALLOC_FREE(frame);
+ umask(saved_umask);
return status;
}
@@ -140,6 +156,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
if (fsp->fh->fd == -1) {
printf("open: error=%d (%s)\n", errno, strerror(errno));
TALLOC_FREE(frame);
+ umask(saved_umask);
return NT_STATUS_UNSUCCESSFUL;
}
@@ -153,6 +170,7 @@ static NTSTATUS set_nt_acl_no_snum(const char *fname,
conn_free(conn);
TALLOC_FREE(frame);
+ umask(saved_umask);
return status;
}
@@ -297,6 +315,7 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
char *fname;
int uid, gid;
TALLOC_CTX *frame;
+ mode_t saved_umask;
if (!PyArg_ParseTuple(args, "sii", &fname, &uid, &gid))
return NULL;
@@ -314,6 +333,10 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
return NULL;
}
+ /* we want total control over the permissions on created files,
+ so set our umask to 0 */
+ saved_umask = umask(0);
+
conn->params->service = -1;
set_conn_connectpath(conn, "/");
@@ -326,6 +349,8 @@ static PyObject *py_smbd_chown(PyObject *self, PyObject *args)
DEBUG(0,("chown returned failure: %s\n", strerror(errno)));
}
+ umask(saved_umask);
+
conn_free(conn);
TALLOC_FREE(frame);