From 1658725f8812ed0bafffd71a1b566706e91c5e85 Mon Sep 17 00:00:00 2001
From: Russ Allbery <rra@stanford.edu>
Date: Sat, 19 Jan 2008 01:14:16 +0000
Subject: If -f is used and the output file name with ".new" appended already
 exists, unlink it first and then create it safely rather than truncating it. 
 This is much safer when creating files in a world-writable directory.

Also add documentation for keytab merging.
---
 client/file.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'client/file.c')

diff --git a/client/file.c b/client/file.c
index ce25ab5..17f0f23 100644
--- a/client/file.c
+++ b/client/file.c
@@ -26,7 +26,10 @@ overwrite_file(const char *name, const void *data, size_t length)
     int fd;
     ssize_t status;
 
-    fd = open(name, O_WRONLY | O_CREAT | O_TRUNC, 0600);
+    if (access(name, F_OK) == 0)
+        if (unlink(name) < 0)
+            sysdie("unable to delete existing file %s", name);
+    fd = open(name, O_WRONLY | O_CREAT | O_EXCL, 0600);
     if (fd < 0)
         sysdie("open of %s failed", name);
     status = write(fd, data, length);
-- 
cgit v1.2.3