You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@commons.apache.org by mt...@apache.org on 2009/09/04 14:38:13 UTC

svn commit: r811369 - /commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c

Author: mturk
Date: Fri Sep  4 12:38:13 2009
New Revision: 811369

URL: http://svn.apache.org/viewvc?rev=811369&view=rev
Log:
Secure temp file

Modified:
    commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c

Modified: commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c
URL: http://svn.apache.org/viewvc/commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c?rev=811369&r1=811368&r2=811369&view=diff
==============================================================================
--- commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c (original)
+++ commons/sandbox/runtime/trunk/src/main/native/os/win32/temps.c Fri Sep  4 12:38:13 2009
@@ -115,7 +115,10 @@
     }
 
     sa.nLength = sizeof(SECURITY_ATTRIBUTES);
-    sa.lpSecurityDescriptor = NULL;
+    /* Allow access only to owner and Administrators Group */
+    sa.lpSecurityDescriptor = ACR_GetSecurityDescriptor(INVALID_HANDLE_VALUE,
+                                                GENERIC_ALL | FILE_ALL_ACCESS,
+                                                0);
     sa.bInheritHandle       = FALSE;
     for (;;) {
         fh = CreateFileW(path,