Make sure to set umask() before calling mkstemp().

Reviewed-by: David Disseldorp <ddiss@samba.org>

Autobuild-User(master): David Disseldorp <ddiss@samba.org>
Autobuild-Date(master): Wed Mar  6 01:16:34 CET 2013 on sn-devel-104

13 files changed, 71 insertions, 3 deletions

diff --git a/lib/krb5_wrap/krb5_samba.c b/lib/krb5_wrap/krb5_samba.c
index 0876ab62845..3a2401a9ad2 100644
--- a/lib/krb5_wrap/krb5_samba.c
+++ b/lib/krb5_wrap/krb5_samba.c
@@ -21,6 +21,7 @@
 */
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "krb5_samba.h"
 #include "lib/util/asn1.h"
 
@@ -1483,6 +1484,7 @@ krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
 {
 	krb5_error_code code = 0;
 	krb5_creds my_creds;
+	mode_t mask;
 
 #if defined(HAVE_KRB5_GET_INIT_CREDS_KEYBLOCK)
 	code = krb5_get_init_creds_keyblock(ctx, &my_creds, principal,
@@ -1500,7 +1502,9 @@ krb5_error_code kerberos_kinit_keyblock_cc(krb5_context ctx, krb5_ccache cc,
 	*(KRB5_KT_KEY(&entry)) = *keyblock;
 
 	memcpy(tmp_name, SMB_CREDS_KEYTAB, sizeof(SMB_CREDS_KEYTAB));
+	mask = umask(S_IRWXO | S_IRWXG);
 	mktemp(tmp_name);
+	umask(mask);
 	if (tmp_name[0] == 0) {
 		return KRB5_KT_BADNAME;
 	}
diff --git a/lib/util/util.c b/lib/util/util.c
index d49e20e6cd5..464fc62e1fb 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -63,6 +63,7 @@ int create_unlink_tmp(const char *dir)
 {
 	char *fname;
 	int fd;
+	mode_t mask;
 
 	if (!dir) {
 		dir = tmpdir();
@@ -73,7 +74,9 @@ int create_unlink_tmp(const char *dir)
 		errno = ENOMEM;
 		return -1;
 	}
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(fname);
+	umask(mask);
 	if (fd == -1) {
 		TALLOC_FREE(fname);
 		return -1;
diff --git a/libgpo/gpo_ini.c b/libgpo/gpo_ini.c
index 494162466d0..a2cb106d73c 100644
--- a/libgpo/gpo_ini.c
+++ b/libgpo/gpo_ini.c
@@ -63,6 +63,7 @@ static NTSTATUS convert_file_from_ucs2(TALLOC_CTX *mem_ctx,
 	NTSTATUS status;
 	size_t n = 0;
 	size_t converted_size;
+	mode_t mask;
 
 	if (!filename_out) {
 		return NT_STATUS_INVALID_PARAMETER;
@@ -81,7 +82,9 @@ static NTSTATUS convert_file_from_ucs2(TALLOC_CTX *mem_ctx,
 		goto out;
 	}
 
+	mask = umask(S_IRWXO | S_IRWXG);
 	tmp_fd = mkstemp(tmp_name);
+	umask(mask);
 	if (tmp_fd == -1) {
 		status = NT_STATUS_ACCESS_DENIED;
 		goto out;
diff --git a/source3/client/client.c b/source3/client/client.c
index 8038021d83c..e21d867c55c 100644
--- a/source3/client/client.c
+++ b/source3/client/client.c
@@ -1361,6 +1361,7 @@ static int cmd_more(void)
 	const char *pager;
 	int fd;
 	int rc = 0;
+	mode_t mask;
 
 	rname = talloc_strdup(ctx, client_get_cur_dir());
 	if (!rname) {
@@ -1371,7 +1372,9 @@ static int cmd_more(void)
 	if (!lname) {
 		return 1;
 	}
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(lname);
+	umask(mask);
 	if (fd == -1) {
 		d_printf("failed to create temporary file for more\n");
 		return 1;
diff --git a/source3/lib/smbrun.c b/source3/lib/smbrun.c
index 0ecdc0d6837..15a0c886e47 100644
--- a/source3/lib/smbrun.c
+++ b/source3/lib/smbrun.c
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "system/filesys.h"
 
 /* need to move this from here!! need some sleep ... */
 struct current_user current_user;
@@ -31,6 +32,7 @@ static int setup_out_fd(void)
 	int fd;
 	TALLOC_CTX *ctx = talloc_stackframe();
 	char *path = NULL;
+	mode_t mask;
 
 	path = talloc_asprintf(ctx,
 				"%s/smb.XXXXXX",
@@ -42,7 +44,9 @@ static int setup_out_fd(void)
 	}
 
 	/* now create the file */
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(path);
+	umask(mask);
 
 	if (fd == -1) {
 		DEBUG(0,("setup_out_fd: Failed to create file %s. (%s)\n",
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 50a409c1af5..96d194dc311 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -833,6 +833,7 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
 	char *realm_upper = NULL;
 	bool result = false;
 	char *aes_enctypes = NULL;
+	mode_t mask;
 
 	if (!lp_create_krb5_conf()) {
 		return false;
@@ -906,7 +907,9 @@ bool create_local_private_krb5_conf_for_domain(const char *realm,
 
 	flen = strlen(file_contents);
 
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(tmpname);
+	umask(mask);
 	if (fd == -1) {
 		DEBUG(0,("create_local_private_krb5_conf_for_domain: smb_mkstemp failed,"
 			" for file %s. Errno %s\n",
diff --git a/source3/libnet/libnet_samsync_ldif.c b/source3/libnet/libnet_samsync_ldif.c
index c492b9fda51..2ea9c823283 100644
--- a/source3/libnet/libnet_samsync_ldif.c
+++ b/source3/libnet/libnet_samsync_ldif.c
@@ -24,6 +24,7 @@
 */
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "libnet/libnet_samsync.h"
 #include "transfer_file.h"
 #include "passdb.h"
@@ -929,6 +930,8 @@ static NTSTATUS ldif_init_context(TALLOC_CTX *mem_ctx,
 	const char *add_template = "/tmp/add.ldif.XXXXXX";
 	const char *mod_template = "/tmp/mod.ldif.XXXXXX";
 	const char *builtin_sid = "S-1-5-32";
+	mode_t mask;
+	int fd;
 
 	r = talloc_zero(mem_ctx, struct samsync_ldif_context);
 	NT_STATUS_HAVE_NO_MEMORY(r);
@@ -980,14 +983,37 @@ static NTSTATUS ldif_init_context(TALLOC_CTX *mem_ctx,
 		goto done;
 	}
 
+	mask = umask(S_IRWXO | S_IRWXG);
+	fd = mkstemp(r->add_name);
+	umask(mask);
+	if (fd < 0) {
+		DEBUG(1, ("Could not create %s\n", r->add_name));
+		status = NT_STATUS_UNSUCCESSFUL;
+		goto done;
+	}
+
 	/* Open the add and mod ldif files */
-	if (!(r->add_file = fdopen(mkstemp(r->add_name),"w"))) {
+	r->add_file = fdopen(fd, "w");
+	if (r->add_file == NULL) {
 		DEBUG(1, ("Could not open %s\n", r->add_name));
+		close(fd);
 		status = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
-	if (!(r->mod_file = fdopen(mkstemp(r->module_name),"w"))) {
+
+	mask = umask(S_IRWXO | S_IRWXG);
+	fd = mkstemp(r->module_name);
+	umask(mask);
+	if (fd < 0) {
+		DEBUG(1, ("Could not create %s\n", r->module_name));
+		status = NT_STATUS_UNSUCCESSFUL;
+		goto done;
+	}
+
+	r->mod_file = fdopen(fd, "w");
+	if (r->mod_file == NULL) {
 		DEBUG(1, ("Could not open %s\n", r->module_name));
+		close(fd);
 		status = NT_STATUS_UNSUCCESSFUL;
 		goto done;
 	}
diff --git a/source3/printing/printing.c b/source3/printing/printing.c
index c394118303a..43f75e5c438 100644
--- a/source3/printing/printing.c
+++ b/source3/printing/printing.c
@@ -2709,6 +2709,7 @@ static WERROR print_job_spool_file(int snum, uint32_t jobid,
 	SMB_STRUCT_STAT st;
 	const char *path;
 	int len;
+	mode_t mask;
 
 	/* if this file is within the printer path, it means that smbd
 	 * is spooling it and will pass us control when it is finished.
@@ -2746,7 +2747,9 @@ static WERROR print_job_spool_file(int snum, uint32_t jobid,
 	slprintf(pjob->filename, sizeof(pjob->filename)-1,
 		 "%s/%sXXXXXX", lp_pathname(talloc_tos(), snum),
 		 PRINT_SPOOL_PREFIX);
+	mask = umask(S_IRWXO | S_IRWXG);
 	pjob->fd = mkstemp(pjob->filename);
+	umask(mask);
 
 	if (pjob->fd == -1) {
 		werr = map_werror_from_unix(errno);
diff --git a/source3/printing/printspoolss.c b/source3/printing/printspoolss.c
index acf4c0d19af..5fab7d54efe 100644
--- a/source3/printing/printspoolss.c
+++ b/source3/printing/printspoolss.c
@@ -18,6 +18,7 @@
 */
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "printing.h"
 #include "rpc_client/rpc_client.h"
 #include "../librpc/gen_ndr/ndr_spoolss_c.h"
@@ -68,6 +69,7 @@ NTSTATUS print_spool_open(files_struct *fsp,
 	struct spoolss_DocumentInfo1 *info1;
 	int fd = -1;
 	WERROR werr;
+	mode_t mask;
 
 	tmp_ctx = talloc_new(fsp);
 	if (!tmp_ctx) {
@@ -127,7 +129,9 @@ NTSTATUS print_spool_open(files_struct *fsp,
 		goto done;
 	}
 	errno = 0;
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(pf->filename);
+	umask(mask);
 	if (fd == -1) {
 		if (errno == EACCES) {
 			/* Common setup error, force a report. */
diff --git a/source3/smbd/message.c b/source3/smbd/message.c
index 59949e21aea..5369f3185a3 100644
--- a/source3/smbd/message.c
+++ b/source3/smbd/message.c
@@ -23,6 +23,7 @@
 
 
 #include "includes.h"
+#include "system/filesys.h"
 #include "smbd/smbd.h"
 #include "smbd/globals.h"
 #include "smbprofile.h"
@@ -50,6 +51,7 @@ static void msg_deliver(struct msg_state *state)
 	ssize_t sz;
 	fstring alpha_buf;
 	char *s;
+	mode_t mask;
 
 	if (! (*lp_msg_command(frame))) {
 		DEBUG(1,("no messaging command specified\n"));
@@ -61,7 +63,9 @@ static void msg_deliver(struct msg_state *state)
 	if (!name) {
 		goto done;
 	}
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(name);
+	umask(mask);
 
 	if (fd == -1) {
 		DEBUG(1, ("can't open message file %s: %s\n", name,
diff --git a/source3/utils/interact.c b/source3/utils/interact.c
index 6d753dd012e..f8fed6de198 100644
--- a/source3/utils/interact.c
+++ b/source3/utils/interact.c
@@ -25,6 +25,7 @@
  */
 
 #include "includes.h"
+#include "system/filesys.h"
 
 #include "interact.h"
 
@@ -79,8 +80,12 @@ char* interact_edit(TALLOC_CTX* mem_ctx, const char* str) {
 	char buf[128];
 	char* ret = NULL;
 	FILE* file;
+	mode_t mask;
+	int fd;
 
-	int fd = mkstemp(fname);
+	mask = umask(S_IRWXO | S_IRWXG);
+	fd = mkstemp(fname);
+	umask(mask);
 	if (fd == -1) {
 		DEBUG(0, ("failed to mkstemp %s: %s\n", fname,
 			  strerror(errno)));
diff --git a/source3/utils/net_usershare.c b/source3/utils/net_usershare.c
index 382fe2f250c..78d38daaf97 100644
--- a/source3/utils/net_usershare.c
+++ b/source3/utils/net_usershare.c
@@ -642,6 +642,7 @@ static int net_usershare_add(struct net_context *c, int argc, const char **argv)
 	uid_t myeuid = geteuid();
 	bool guest_ok = false;
 	int num_usershares;
+	mode_t mask;
 
 	us_comment = "";
 	arg_acl = "S-1-1-0:R";
@@ -895,7 +896,9 @@ static int net_usershare_add(struct net_context *c, int argc, const char **argv)
 	}
 
 	/* Create a temporary filename for this share. */
+	mask = umask(S_IRWXO | S_IRWXG);
 	tmpfd = mkstemp(full_path_tmp);
+	umask(mask);
 
 	if (tmpfd == -1) {
 		d_fprintf(stderr,
diff --git a/source4/client/client.c b/source4/client/client.c
index 66c21dfc547..cd7967ebc53 100644
--- a/source4/client/client.c
+++ b/source4/client/client.c
@@ -940,9 +940,12 @@ static int cmd_more(struct smbclient_context *ctx, const char **args)
 	char *pager;
 	int fd;
 	int rc = 0;
+	mode_t mask;
 
 	lname = talloc_asprintf(ctx, "%s/smbmore.XXXXXX",tmpdir());
+	mask = umask(S_IRWXO | S_IRWXG);
 	fd = mkstemp(lname);
+	umask(mask);
 	if (fd == -1) {
 		d_printf("failed to create temporary file for more\n");
 		return 1;