[SCM] Samba Shared Repository - branch v3-4-test updated - release-4-0-0alpha7-1103-gd49ae9c

Jeremy Allison jra at samba.org
Sat May 30 20:29:16 GMT 2009


The branch, v3-4-test has been updated
       via  d49ae9c87d182f32702a0b6a1cc2a2038f31d81d (commit)
      from  0d32230c17dbfa5e790d2023ba655f109938ef28 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-test


- Log -----------------------------------------------------------------
commit d49ae9c87d182f32702a0b6a1cc2a2038f31d81d
Author: Jeremy Allison <jra at samba.org>
Date:   Sat May 30 13:28:03 2009 -0700

    Fix bug #6421 - POSIX read-only open fails on read-only shares.
    The change to smbd/trans2.c opens up
    SETFILEINFO calls to POSIX_OPEN only. The change to first smbd/open.c closes 2
    holes that would have been exposed by allowing POSIX_OPENS on readonly shares,
    and their ability to set arbitrary flags permutations. The O_CREAT ->
    O_CREAT|O_EXCL change removes an illegal combination (O_EXCL without O_CREAT)
    that previously was being passed down to the open syscall.
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/open.c   |    6 +++---
 source3/smbd/trans2.c |   14 +++++++++-----
 2 files changed, 12 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 3578f2a..a721c58 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -346,7 +346,7 @@ static NTSTATUS open_file(files_struct *fsp,
 
 	if (!CAN_WRITE(conn)) {
 		/* It's a read-only share - fail if we wanted to write. */
-		if(accmode != O_RDONLY) {
+		if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) {
 			DEBUG(3,("Permission denied opening %s\n", path));
 			return NT_STATUS_ACCESS_DENIED;
 		} else if(flags & O_CREAT) {
@@ -354,8 +354,8 @@ static NTSTATUS open_file(files_struct *fsp,
 			   O_CREAT doesn't create the file if we have write
 			   access into the directory.
 			*/
-			flags &= ~O_CREAT;
-			local_flags &= ~O_CREAT;
+			flags &= ~(O_CREAT|O_EXCL);
+			local_flags &= ~(O_CREAT|O_EXCL);
 		}
 	}
 
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 4eb44e3..931b7df 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -6840,16 +6840,20 @@ static void call_trans2setfilepathinfo(connection_struct *conn,
 		}
 	}
 
-	if (!CAN_WRITE(conn)) {
-		reply_doserror(req, ERRSRV, ERRaccess);
-		return;
-	}
-
 	if (INFO_LEVEL_IS_UNIX(info_level) && !lp_unix_extensions()) {
 		reply_nterror(req, NT_STATUS_INVALID_LEVEL);
 		return;
 	}
 
+	if (!CAN_WRITE(conn)) {
+		/* Allow POSIX opens. The open path will deny
+		 * any non-readonly opens. */
+		if (info_level != SMB_POSIX_PATH_OPEN) {
+			reply_doserror(req, ERRSRV, ERRaccess);
+			return;
+		}
+	}
+
 	DEBUG(3,("call_trans2setfilepathinfo(%d) %s (fnum %d) info_level=%d totdata=%d\n",
 		tran_call,fname, fsp ? fsp->fnum : -1, info_level,total_data));
 


-- 
Samba Shared Repository


More information about the samba-cvs mailing list