lib/util: change file_save_mode() to use O_EXCL

Almost all the callers are debug tools or developer debugging aids
and these callers clearly expect to create a new file.

Unchanged in behaviour is:
 - TLS certificate creation.  This already confirms the files do no exist
   prior to generation.

These will now no longer overwrite the given filename
 - net ads pac save
 - net eventlog export

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index cc43b29b3d11974f9e6427c255ed1bac82dde33f..376cd2862f132d4db277e7a765912549151b4864 100644 (file)
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -53,6 +53,13 @@ cryptography effectively wraps bad cryptography, but for now that above
 applies.
 
 
+"net ads kerberos pac save" and "net eventlog export"
+-----------------------------------------------------
+
+The "net ads kerberos pac save" and "net eventlog export" tools will
+no longer silently overwrite an existing file during data export.  If
+the filename given exits, an error will be shown.
+
 REMOVED FEATURES
 ================
 

diff --git a/lib/util/util_file.c b/lib/util/util_file.c
index 5260ee9d721a756d59d07c8c7c272832a37d59ab..0c890f9b5ea82b689360d70202e9d48138721eac 100644 (file)
--- a/lib/util/util_file.c
+++ b/lib/util/util_file.c
@@ -329,7 +329,7 @@ _PUBLIC_ bool file_save_mode(const char *fname, const void *packet,
 {
        ssize_t num_written;
        int fd;
-       fd = open(fname, O_WRONLY|O_CREAT|O_TRUNC, mode);
+       fd = open(fname, O_WRONLY|O_CREAT|O_EXCL, mode);
        if (fd == -1) {
                return false;
        }