diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2019-11-11 13:52:22 +1300 |
|---|---|---|
| committer | Andreas Schneider <asn@cryptomilk.org> | 2019-11-15 17:21:32 +0000 |
| commit | 5e63e54f589b25af550f0d4e28e3c28e0a337c0d (patch) | |
| tree | e754adb3651f2c390351ad1b6cc87fdce61648e0 | |
| parent | 55b2cb47a9701376aa9e844390c8c4ee2d7fa6e9 (diff) | |
| download | samba-5e63e54f589b25af550f0d4e28e3c28e0a337c0d.tar.gz | |
lib/util: change file_save_mode() to use O_EXCL
Almost all the callers are debug tools or developer debugging aids
and these callers clearly expect to create a new file.
Unchanged in behaviour is:
- TLS certificate creation. This already confirms the files do no exist
prior to generation.
These will now no longer overwrite the given filename
- net ads pac save
- net eventlog export
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
| -rw-r--r-- | WHATSNEW.txt | 7 | ||||
| -rw-r--r-- | lib/util/util_file.c | 2 |
2 files changed, 8 insertions, 1 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt index cc43b29b3d1..376cd2862f1 100644 --- a/WHATSNEW.txt +++ b/WHATSNEW.txt @@ -53,6 +53,13 @@ cryptography effectively wraps bad cryptography, but for now that above applies. +"net ads kerberos pac save" and "net eventlog export" +----------------------------------------------------- + +The "net ads kerberos pac save" and "net eventlog export" tools will +no longer silently overwrite an existing file during data export. If +the filename given exits, an error will be shown. + REMOVED FEATURES ================ diff --git a/lib/util/util_file.c b/lib/util/util_file.c index 5260ee9d721..0c890f9b5ea 100644 --- a/lib/util/util_file.c +++ b/lib/util/util_file.c @@ -329,7 +329,7 @@ _PUBLIC_ bool file_save_mode(const char *fname, const void *packet, { ssize_t num_written; int fd; - fd = open(fname, O_WRONLY|O_CREAT|O_TRUNC, mode); + fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, mode); if (fd == -1) { return false; } |