svn commit: samba r4026 - in branches/SAMBA_4_0/source/ntvfs/posix: .

tridge at samba.org tridge at samba.org
Wed Dec 1 11:35:02 GMT 2004 

Author: tridge
Date: 2004-12-01 11:35:01 +0000 (Wed, 01 Dec 2004)
New Revision: 4026

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4026

Log:
added NT ACL checking on pvfs_open() for existing files. I need to
work out some way to do a decent test suite for this.



Modified:
   branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c
   branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c


Changeset:
Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c
===================================================================
--- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c	2004-12-01 05:22:24 UTC (rev 4025)
+++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c	2004-12-01 11:35:01 UTC (rev 4026)
@@ -208,7 +208,7 @@
 		sd = acl->info.sd;
 		break;
 	default:
-		return NT_STATUS_INVALID_LEVEL;
+		return NT_STATUS_INVALID_ACL;
 	}
 
 	new_sd = info->set_secdesc.in.sd;
@@ -263,7 +263,7 @@
 		sd = acl->info.sd;
 		break;
 	default:
-		return NT_STATUS_INVALID_LEVEL;
+		return NT_STATUS_INVALID_ACL;
 	}
 
 	normalise_sd_flags(sd, info->query_secdesc.in.secinfo_flags);
@@ -273,3 +273,79 @@
 	return NT_STATUS_OK;
 }
 
+
+/*
+  default access check function based on unix permissions
+  doing this saves on building a full security descriptor
+  for the common case of access check on files with no 
+  specific NT ACL
+*/
+NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, 
+				struct smbsrv_request *req,
+				struct pvfs_filename *name,
+				uint32_t *access_mask)
+{
+	uid_t uid = geteuid();
+	uint32_t max_bits = SEC_RIGHTS_FILE_READ | SEC_FILE_ALL;
+
+	/* owner and root get extra permissions */
+	if (uid == 0 || uid == name->st.st_uid) {
+		max_bits |= SEC_STD_ALL;
+	}
+
+	if (*access_mask == SEC_FLAG_MAXIMUM_ALLOWED) {
+		*access_mask = max_bits;
+		return NT_STATUS_OK;
+	}
+
+	if (*access_mask & ~max_bits) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
+	return NT_STATUS_OK;
+}
+
+
+/*
+  check the security descriptor on a file, if any
+  
+  *access_mask is modified with the access actually granted
+*/
+NTSTATUS pvfs_access_check(struct pvfs_state *pvfs, 
+			   struct smbsrv_request *req,
+			   struct pvfs_filename *name,
+			   uint32_t *access_mask)
+{
+	struct nt_user_token *token = req->session->session_info->nt_user_token;
+	struct xattr_NTACL *acl;
+	NTSTATUS status;
+	struct security_descriptor *sd;
+
+	acl = talloc_p(req, struct xattr_NTACL);
+	if (acl == NULL) {
+		return NT_STATUS_NO_MEMORY;
+	}
+
+	status = pvfs_acl_load(pvfs, name, -1, acl);
+	if (NT_STATUS_EQUAL(status, NT_STATUS_NOT_FOUND)) {
+		talloc_free(acl);
+		return pvfs_access_check_unix(pvfs, req, name, access_mask);
+	}
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
+
+	switch (acl->version) {
+	case 1:
+		sd = acl->info.sd;
+		break;
+	default:
+		return NT_STATUS_INVALID_ACL;
+	}
+
+	status = sec_access_check(sd, token, *access_mask, access_mask);
+
+	talloc_free(acl);
+	
+	return status;
+}

Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c
===================================================================
--- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c	2004-12-01 05:22:24 UTC (rev 4025)
+++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c	2004-12-01 11:35:01 UTC (rev 4026)
@@ -862,14 +862,6 @@
 	share_access   = io->generic.in.share_access;
 	access_mask    = io->generic.in.access_mask;
 
-	if (access_mask & SEC_FLAG_MAXIMUM_ALLOWED) {
-		if (name->exists && (name->dos.attrib & FILE_ATTRIBUTE_READONLY)) {
-			access_mask = SEC_RIGHTS_FILE_READ;
-		} else {
-			access_mask = SEC_RIGHTS_FILE_READ | SEC_RIGHTS_FILE_WRITE;
-		}
-	}
-
 	/* certain create options are not allowed */
 	if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
 	    !(access_mask & SEC_STD_DELETE)) {
@@ -914,12 +906,6 @@
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	if (access_mask & (SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA)) {
-		flags |= O_RDWR;
-	} else {
-		flags |= O_RDONLY;
-	}
-
 	if (io->generic.in.file_attr & FILE_ATTRIBUTE_DIRECTORY) {
 		return NT_STATUS_INVALID_PARAMETER;
 	}
@@ -949,6 +935,12 @@
 		return NT_STATUS_CANNOT_DELETE;
 	}
 
+	/* check the security descriptor */
+	status = pvfs_access_check(pvfs, req, name, &access_mask);
+	if (!NT_STATUS_IS_OK(status)) {
+		return status;
+	}
+
 	f = talloc_p(req, struct pvfs_file);
 	if (f == NULL) {
 		return NT_STATUS_NO_MEMORY;
@@ -1036,6 +1028,12 @@
 
 	f->handle->have_opendb_entry = True;
 
+	if (access_mask & (SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA)) {
+		flags |= O_RDWR;
+	} else {
+		flags |= O_RDONLY;
+	}
+
 	/* do the actual open */
 	fd = open(f->handle->name->full_name, flags);
 	if (fd == -1) {

More information about the samba-cvs mailing list