svn commit: samba r5323 - in trunk/source/smbd: .
jra at samba.org
jra at samba.org
Fri Feb 11 02:14:39 GMT 2005
Author: jra
Date: 2005-02-11 02:14:39 +0000 (Fri, 11 Feb 2005)
New Revision: 5323
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=5323
Log:
In order to process DELETE_ACCESS correctly and return access denied
to a WXPSP2 client we must do permission checking in userspace first
(this is a race condition but what can you do...). Needed for bugid #2227.
Jeremy.
Modified:
trunk/source/smbd/nttrans.c
trunk/source/smbd/posix_acls.c
trunk/source/smbd/reply.c
Changeset:
Modified: trunk/source/smbd/nttrans.c
===================================================================
--- trunk/source/smbd/nttrans.c 2005-02-11 02:08:39 UTC (rev 5322)
+++ trunk/source/smbd/nttrans.c 2005-02-11 02:14:39 UTC (rev 5323)
@@ -782,6 +782,15 @@
}
}
+ if (desired_access & DELETE_ACCESS) {
+ status = can_delete(conn, fname, file_attributes, bad_path, True);
+ if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status,NT_STATUS_FILE_IS_A_DIRECTORY)) {
+ restore_case_semantics(conn, file_attributes);
+ END_PROFILE(SMBntcreateX);
+ return ERROR_NT(status);
+ }
+ }
+
/*
* If it's a request for a directory open, deal with it separately.
*/
@@ -1321,6 +1330,15 @@
return set_bad_path_error(errno, bad_path, outbuf, ERRDOS,ERRbadpath);
}
+ if (desired_access & DELETE_ACCESS) {
+ status = can_delete(conn, fname, file_attributes, bad_path, True);
+ if (!NT_STATUS_IS_OK(status) && !NT_STATUS_EQUAL(status,NT_STATUS_FILE_IS_A_DIRECTORY)) {
+ restore_case_semantics(conn, file_attributes);
+ END_PROFILE(SMBntcreateX);
+ return ERROR_NT(status);
+ }
+ }
+
/*
* If it's a request for a directory open, deal with it separately.
*/
Modified: trunk/source/smbd/posix_acls.c
===================================================================
--- trunk/source/smbd/posix_acls.c 2005-02-11 02:08:39 UTC (rev 5322)
+++ trunk/source/smbd/posix_acls.c 2005-02-11 02:14:39 UTC (rev 5323)
@@ -3753,3 +3753,14 @@
SMB_VFS_SYS_ACL_FREE_ACL(conn, file_acl);
return True;
}
+
+/****************************************************************************
+ Actually emulate the in-kernel access checking for write access. We need
+ this to successfully return ACCESS_DENIED on a file open for delete access.
+****************************************************************************/
+
+BOOL can_delete_file_in_directory(connection_struct *conn, const char *fname)
+{
+ /* Add acl check here... JRA */
+ return True;
+}
Modified: trunk/source/smbd/reply.c
===================================================================
--- trunk/source/smbd/reply.c 2005-02-11 02:08:39 UTC (rev 5322)
+++ trunk/source/smbd/reply.c 2005-02-11 02:14:39 UTC (rev 5323)
@@ -1438,7 +1438,7 @@
Check if a user is allowed to rename a file.
********************************************************************/
-static NTSTATUS can_rename(char *fname,connection_struct *conn, uint16 dirtype, SMB_STRUCT_STAT *pst)
+static NTSTATUS can_rename(connection_struct *conn, char *fname, uint16 dirtype, SMB_STRUCT_STAT *pst)
{
int smb_action;
int access_mode;
@@ -1479,7 +1479,7 @@
Check if a user is allowed to delete a file.
********************************************************************/
-static NTSTATUS can_delete(char *fname,connection_struct *conn, int dirtype, BOOL bad_path)
+NTSTATUS can_delete(connection_struct *conn, char *fname, int dirtype, BOOL bad_path, BOOL check_is_at_open)
{
SMB_STRUCT_STAT sbuf;
int fmode;
@@ -1520,6 +1520,10 @@
if ((fmode & ~dirtype) & (aHIDDEN | aSYSTEM))
return NT_STATUS_NO_SUCH_FILE;
+ if (check_is_at_open && !can_delete_file_in_directory(conn, fname)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
/* We need a better way to return NT status codes from open... */
unix_ERR_class = 0;
unix_ERR_code = 0;
@@ -1598,7 +1602,7 @@
if (!has_wild) {
pstrcat(directory,"/");
pstrcat(directory,mask);
- error = can_delete(directory,conn,dirtype,bad_path);
+ error = can_delete(conn,directory,dirtype,bad_path,False);
if (!NT_STATUS_IS_OK(error))
return error;
@@ -1656,7 +1660,7 @@
}
slprintf(fname,sizeof(fname)-1, "%s/%s",directory,dname);
- error = can_delete(fname,conn,dirtype,bad_path);
+ error = can_delete(conn,fname,dirtype,bad_path,False);
if (!NT_STATUS_IS_OK(error)) {
continue;
}
@@ -3744,7 +3748,7 @@
return NT_STATUS_OBJECT_NAME_COLLISION;
}
- error = can_rename(newname,conn,attrs,&sbuf);
+ error = can_rename(conn,newname,attrs,&sbuf);
if (dest_exists && !NT_STATUS_IS_OK(error)) {
DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
@@ -3950,7 +3954,7 @@
return NT_STATUS_OBJECT_PATH_NOT_FOUND;
}
- error = can_rename(directory,conn,attrs,&sbuf1);
+ error = can_rename(conn,directory,attrs,&sbuf1);
if (!NT_STATUS_IS_OK(error)) {
DEBUG(3,("rename_internals: Error %s rename %s -> %s\n",
@@ -4045,7 +4049,7 @@
DEBUG(6,("rename %s failed. Error %s\n", fname, nt_errstr(error)));
continue;
}
- error = can_rename(fname,conn,attrs,&sbuf1);
+ error = can_rename(conn,fname,attrs,&sbuf1);
if (!NT_STATUS_IS_OK(error)) {
DEBUG(6,("rename %s refused\n", fname));
continue;
More information about the samba-cvs
mailing list