• Andrew Bartlett's avatar
    CVE-2019-3870 pysmbd: Move umask manipuations as close as possible to users · 30db4865
    Andrew Bartlett authored
    Umask manipulation was added to pysmbd with e146fe5e in 2012
    and init_files_struct was split out in 747c3f1f in 2018 for
    Samba 4.9. (It was added to assist the smbd.create_file() routine used in the backup and
    restore tools, which needed to write files with full metadata).
    
    This in turn avoids leaving init_files_struct() without resetting the umask to
    the original, saved, value.
    
    Per umask(2) this is required before open() and mkdir() system calls (along
    side other file-like things such as those for Unix domain socks and FIFOs etc).
    
    Therefore for safety and clarify the additional 'belt and braces' umask
    manipuations elsewhere are removed.
    
    mkdir() will be protected by a umask() bracket, for correctness, in the next patch.
    
    BUG: https://bugzilla.samba.org/show_bug.cgi?id=13834Signed-off-by: 's avatarAndrew Bartlett <abartlet@samba.org>
    
    (This backport to Samba 4.9 by Andrew Bartlett is not a pure
    cherry-pick due to merge conflicts)
    30db4865
Name
Last commit
Last update
..
flapping.d Loading commit data...
gnupg Loading commit data...
knownfail.d Loading commit data...
manage-ca Loading commit data...
target Loading commit data...
README Loading commit data...
SocketWrapper.pm Loading commit data...
Subunit.pm Loading commit data...
TODO Loading commit data...
devel_env.sh Loading commit data...
filter-subunit Loading commit data...
flapping Loading commit data...
format-subunit Loading commit data...
format-subunit-json Loading commit data...
gdb_backtrace Loading commit data...
gdb_backtrace_test.c Loading commit data...
gdb_run Loading commit data...
in_screen Loading commit data...
knownfail Loading commit data...
perf_tests.py Loading commit data...
quick Loading commit data...
save.env.sh Loading commit data...
selftest.pl Loading commit data...
selftest.pl.1 Loading commit data...
selftesthelpers.py Loading commit data...
skip Loading commit data...
skip.no-GSS_KRB5_CRED_NO_CI_FLAGS_X Loading commit data...
skip_mit_kdc Loading commit data...
slow Loading commit data...
subunithelper.py Loading commit data...
tap2subunit Loading commit data...
tests.py Loading commit data...
valgrind_run Loading commit data...
wscript Loading commit data...