smb2_file_rename_information must check that the file has been opened with DELETE Access ...
Christian Ambach
ambi at samba.org
Wed Nov 14 12:48:49 MST 2012
Hi Richard,
On 11/14/2012 05:59 PM, Richard Sharpe wrote:
> On Tue, Nov 13, 2012 at 8:38 PM, Richard Sharpe
> <realrichardsharpe at gmail.com> wrote:
>> Hi folks,
>>
>> One of the smb2 tests shows that you can only do a SET_FILE_INFO
>> Rename Info if you have the source file open for delete.
>>
>> This is confirmed by MS-FSCC section x.y.z. I will confirm the
>> specific section tomorrow.
>>
>> The following is a potential fix.
>>
>> diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
>> index 61d755c..d919ad4 100644
>> --- a/source3/smbd/trans2.c
>> +++ b/source3/smbd/trans2.c
>> @@ -6100,6 +6100,9 @@ static NTSTATUS smb2_file_rename_information(connection_st
>> return NT_STATUS_INVALID_PARAMETER;
>> }
>>
>> + if (!(fsp->access_mask & DELETE_ACCESS)) {
>> + return NT_STATUS_ACCESS_DENIED;
>> + }
>> srvstr_get_path(ctx, pdata, req->flags2, &newname,
>> &pdata[20], len, STR_TERMINATE,
>> &status);
Do we have an existing piece in the smb2 torture tests that shows that
this necessary? If there is a test in place, I think the patch is valid.
> More info:
>
> MS-FSCC, section 2.4.34 says that if DELETE ACCESS was not requested, the
> operation should fail with STATUS_ACCESS_DENIED.
>
You might see additional deviations here from [MS-SMB2]:
Look at https://bugzilla.samba.org/show_bug.cgi?id=8412, where it was
decided to not look at the share record to detect share conflicts during
rename.
I think I added a subtest in smb2.rename that will require that and is
on the knownfail list.
Cheers,
Christian
More information about the samba-technical
mailing list