diff options
| author | Andrew Tridgell <tridge@samba.org> | 2008-08-27 10:45:43 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2008-08-27 10:54:57 +0200 |
| commit | a94f44c49f668fcf12f4566777a668043326bf97 (patch) | |
| tree | 1f6814c2493620671f132b5334e8960ec4b83470 | |
| parent | 4daf89d1fd5388a1bdd2c41cd69c6f04675eaa0d (diff) | |
| download | samba-a94f44c49f668fcf12f4566777a668043326bf97.tar.gz | |
ldb: Fix permissions of group_mapping.ldb.
This one fixes bug #5715 and CVE-2008-3789.
| -rw-r--r-- | source/groupdb/mapping_ldb.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/source/groupdb/mapping_ldb.c b/source/groupdb/mapping_ldb.c index 6775f612e79..ce65d7c46d5 100644 --- a/source/groupdb/mapping_ldb.c +++ b/source/groupdb/mapping_ldb.c @@ -74,7 +74,13 @@ static bool init_group_mapping(void) if (ret != LDB_SUCCESS) { goto failed; } - + + /* force the permissions on the ldb to 0600 - this will fix + existing databases as well as new ones */ + if (chmod(db_path, 0600) != 0) { + goto failed; + } + if (!existed) { /* initialise the ldb with an index */ struct ldb_ldif *ldif; |