Commit f891f41e authored by Andrew Bartlett's avatar Andrew Bartlett Committed by Mathieu Parent

CVE-2019-3870 pysmbd: Ensure a zero umask is set for smbd.mkdir()

mkdir() is the other call that requires a umask of 0 in Samba.

BUG: 's avatarAndrew Bartlett <>
Reviewed-by: 's avatarJeremy Allison <>
parent e9b33016
\ No newline at end of file
......@@ -739,6 +739,8 @@ static PyObject *py_smbd_mkdir(PyObject *self, PyObject *args, PyObject *kwargs)
TALLOC_CTX *frame = talloc_stackframe();
struct connection_struct *conn = NULL;
struct smb_filename *smb_fname = NULL;
int ret;
mode_t saved_umask;
if (!PyArg_ParseTupleAndKeywords(args,
......@@ -769,8 +771,15 @@ static PyObject *py_smbd_mkdir(PyObject *self, PyObject *args, PyObject *kwargs)
return NULL;
/* we want total control over the permissions on created files,
so set our umask to 0 */
saved_umask = umask(0);
ret = SMB_VFS_MKDIR(conn, smb_fname, 00755);
if (SMB_VFS_MKDIR(conn, smb_fname, 00755) == -1) {
if (ret == -1) {
DBG_ERR("mkdir error=%d (%s)\n", errno, strerror(errno));
return NULL;
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment