Skip to content
Snippets Groups Projects
Commit 4943ff82 authored by Ronny Nilsson's avatar Ronny Nilsson
Browse files

Ensure this program is the creator of an empty file when generating the metadata blob.

This is for security reason. Must not overwrite anything else via symlinks.
parent e832ed98
No related branches found
No related tags found
No related merge requests found
...@@ -583,8 +583,8 @@ static int meta_generate_blob(int seqNo) ...@@ -583,8 +583,8 @@ static int meta_generate_blob(int seqNo)
if(seqNo < 0 || seqNo > 999) return -1; if(seqNo < 0 || seqNo > 999) return -1;
// TODO: don't write a file! Use a small memory buffer instead! // TODO: don't write a file! Use a small memory buffer instead!
outFd = open("/tmp/ronny", O_WRONLY | O_CREAT | O_TRUNC, outFd = open("/tmp/ronny", O_WRONLY | O_CREAT | O_EXCL | O_TRUNC |
S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH); O_NOFOLLOW, S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH);
if(outFd == -1) { if(outFd == -1) {
perror("Error creating file"); perror("Error creating file");
return -1; return -1;
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment