svn commit: samba r6059 - in trunk/source/smbd: .
jra at samba.org
jra at samba.org
Fri Mar 25 03:40:48 GMT 2005
Author: jra
Date: 2005-03-25 03:40:48 +0000 (Fri, 25 Mar 2005)
New Revision: 6059
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=6059
Log:
It's not quite accurate to say not having write access causes a group
entry never to match - it matches but if doesn't grant access is recorded
so the "other" entry isn't subsequently checked.
Fix the algorithm.
Jeremy.
Modified:
trunk/source/smbd/posix_acls.c
Changeset:
Modified: trunk/source/smbd/posix_acls.c
===================================================================
--- trunk/source/smbd/posix_acls.c 2005-03-25 01:36:42 UTC (rev 6058)
+++ trunk/source/smbd/posix_acls.c 2005-03-25 03:40:48 UTC (rev 6059)
@@ -3860,11 +3860,6 @@
goto check_stat;
}
- /* If we don't have write permission this entry never matches. */
- if (have_write == 0) {
- continue;
- }
-
switch(tagtype) {
case SMB_ACL_GROUP:
{
@@ -3874,11 +3869,17 @@
}
for (i = 0; i < current_user.ngroups; i++) {
if (current_user.groups[i] == *pgid) {
- /* We're done now we have a gid match. */
- ret = 1;
+ ret = have_write;
DEBUG(10,("check_posix_acl_group_write: file %s \
match on group %u -> can write.\n", fname, (unsigned int)*pgid ));
- goto done;
+
+ /* If we don't have write permission this entry doesn't
+ terminate the enumeration of the entries. */
+ if (have_write) {
+ goto done;
+ }
+ /* But does terminate the group iteration. */
+ break;
}
}
break;
More information about the samba-cvs
mailing list