[PATCH 0/13] add SMB2 server-side copy support - V2
Jeremy Allison
jra at samba.org
Thu Dec 6 10:53:52 MST 2012
On Thu, Dec 06, 2012 at 02:15:44PM +0100, David Disseldorp wrote:
> On Wed, 28 Nov 2012 20:00:50 -0800
> Jeremy Allison <jra at samba.org> wrote:
>
> > > > I think inside fsctl_srv_copychunk_send() you should have a check
> > > > similar to the one inside source3/smbd/smb2_write. Look for
> > > > the CHECK_WRITE macro inside that file for details.
> > >
> > > Good catch, looks like a CHECK_READ on the src_fsp is also needed.
> >
> > Oh - good point, I forgot about that one too !
>
> Strangely Windows servers do not appear to check the open-time granted
> access on the source file. This behaviour matches what is documented in
> [MS-SMB2] 3.3.5.15.6 Handling a Server-Side Data Copy Request, where
> only the destination file is checked for open-time granted read and
> write access.
>
> I'll drop the src_fsp check for now, dest_fsp will be checked for read
> and write access. New round of patches with a bunch more torture tests
> is on its way.
I don't think we can do that can we ?
Imagine the following, a "super-secure" file is opened with READ_ATTRIBUTES
only, then used as a copychunk source handle to copy data from it into a
"non-secure" file.
I think we have to have the read check on the source file.
Jeremy.
More information about the samba-technical
mailing list