mdbox: Create files with O_NOFOLLOW

author Timo Sirainen <timo.sirainen@open-xchange.com>

Mon, 27 Apr 2026 22:20:20 +0000 (01:20 +0300)

committer timo.sirainen <timo.sirainen@open-xchange.com>

Thu, 30 Apr 2026 07:59:41 +0000 (07:59 +0000)
author Timo Sirainen <timo.sirainen@open-xchange.com>
Mon, 27 Apr 2026 22:20:20 +0000 (01:20 +0300)
committer timo.sirainen <timo.sirainen@open-xchange.com>
Thu, 30 Apr 2026 07:59:41 +0000 (07:59 +0000)
diff --git a/src/lib-storage/index/dbox-multi/mdbox-file.c b/src/lib-storage/index/dbox-multi/mdbox-file.c

index 16c68818ceee3949b20b72a192f10e9a51d3b877..00f964d67880ca4c0ba59d05d64658100e272f41 100644 (file)
--- a/src/lib-storage/index/dbox-multi/mdbox-file.c
+++ b/src/lib-storage/index/dbox-multi/mdbox-file.c
@@ -311,7 +311,7 @@ int mdbox_file_create_fd(struct dbox_file *file, const char *path, bool parents)
         mailbox_list_get_root_permissions(map->root_list, &perm);
  
         old_mask = umask(0666 & ~perm.file_create_mode);
-       fd = open(path, O_RDWR | O_CREAT | O_TRUNC, 0666);
+       fd = open(path, O_RDWR | O_CREAT | O_TRUNC | O_NOFOLLOW, 0666);
         umask(old_mask);
         if (fd == -1 && errno == ENOENT && parents &&
             (p = strrchr(path, '/')) != NULL) {
@@ -326,7 +326,7 @@ int mdbox_file_create_fd(struct dbox_file *file, const char *path, bool parents)
                 }
                 /* try again */
                 old_mask = umask(0666 & ~perm.file_create_mode);
-               fd = open(path, O_RDWR | O_CREAT | O_TRUNC, 0666);
+               fd = open(path, O_RDWR | O_CREAT | O_TRUNC | O_NOFOLLOW, 0666);
                 umask(old_mask);
         }
         if (fd == -1) {
author	Timo Sirainen <timo.sirainen@open-xchange.com>
	Mon, 27 Apr 2026 22:20:20 +0000 (01:20 +0300)
committer	timo.sirainen <timo.sirainen@open-xchange.com>
	Thu, 30 Apr 2026 07:59:41 +0000 (07:59 +0000)