[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1128-gcea3a63

Karolin Seeger kseeger at samba.org
Fri Jun 12 13:42:58 GMT 2009


The branch, v3-4-test has been updated
       via  cea3a63a86a733a16c3e91f5a78e972be802eb5c (commit)
      from  08bb869d03520479989052b1fd9ef3f788d95589 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test


- Log -----------------------------------------------------------------
commit cea3a63a86a733a16c3e91f5a78e972be802eb5c
Author: Jeremy Allison <jra at samba.org>
Date:   Fri Jun 12 15:41:20 2009 +0200

    Fix bug #6297 - owner of sticky directory cannot delete files created by
    others.
    The reason we couldn't delete was we were erroring out early
    if requestor was not the owner of the file we wanted to delete,
    instead of checking if the requestor owned the directory as well.
    If either of these is true, we must go on and check the ACL.
    Karolin, this is a must for 3.4.0 and also 3.3.next. I'll update
    the bug report with patches for 3.4.0 and 3.3.next and ask vl
    to review.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/file_access.c |   15 +++++++++++++--
 1 files changed, 13 insertions(+), 2 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index abffcd2..1c0124e 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -89,7 +89,8 @@ bool can_delete_file_in_directory(connection_struct *conn, const char *fname)
 	}
 
 #ifdef S_ISVTX
-	/* sticky bit means delete only by owner or root. */
+	/* sticky bit means delete only by owner of file or by root or
+	 * by owner of directory. */
 	if (sbuf.st_mode & S_ISVTX) {
 		SMB_STRUCT_STAT sbuf_file;
 		if(SMB_VFS_STAT(conn, fname, &sbuf_file) != 0) {
@@ -98,14 +99,24 @@ bool can_delete_file_in_directory(connection_struct *conn, const char *fname)
 				 * yes we'll be able to delete it. */
 				return True;
 			}
+			DEBUG(10,("can_delete_file_in_directory: can't "
+				"stat file %s (%s)",
+				fname, strerror(errno) ));
 			return False;
 		}
 		/*
 		 * Patch from SATOH Fumiyasu <fumiyas at miraclelinux.com>
 		 * for bug #3348. Don't assume owning sticky bit
 		 * directory means write access allowed.
+		 * Fail to delete if we're not the owner of the file,
+		 * or the owner of the directory as we have no possible
+		 * chance of deleting. Otherwise, go on and check the ACL.
 		 */
-		if (conn->server_info->utok.uid != sbuf_file.st_uid) {
+		if ((conn->server_info->utok.uid != sbuf.st_uid) &&
+				(conn->server_info->utok.uid != sbuf_file.st_uid)) {
+			DEBUG(10,("can_delete_file_in_directory: not "
+				"owner of file %s or directory %s",
+				fname, dname));
 			return False;
 		}
 	}


-- 
Samba Shared Repository


More information about the samba-cvs mailing list