smb2_file_rename_information must check that the file has been opened with DELETE Access ...
Jeremy Allison
jra at samba.org
Wed Nov 14 15:54:51 MST 2012
On Wed, Nov 14, 2012 at 08:48:49PM +0100, Christian Ambach wrote:
> Hi Richard,
>
> On 11/14/2012 05:59 PM, Richard Sharpe wrote:
> > On Tue, Nov 13, 2012 at 8:38 PM, Richard Sharpe
> > <realrichardsharpe at gmail.com> wrote:
> >> Hi folks,
> >>
> >> One of the smb2 tests shows that you can only do a SET_FILE_INFO
> >> Rename Info if you have the source file open for delete.
> >>
> >> This is confirmed by MS-FSCC section x.y.z. I will confirm the
> >> specific section tomorrow.
> >>
> >> The following is a potential fix.
> >>
> >> diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
> >> index 61d755c..d919ad4 100644
> >> --- a/source3/smbd/trans2.c
> >> +++ b/source3/smbd/trans2.c
> >> @@ -6100,6 +6100,9 @@ static NTSTATUS smb2_file_rename_information(connection_st
> >> return NT_STATUS_INVALID_PARAMETER;
> >> }
> >>
> >> + if (!(fsp->access_mask & DELETE_ACCESS)) {
> >> + return NT_STATUS_ACCESS_DENIED;
> >> + }
> >> srvstr_get_path(ctx, pdata, req->flags2, &newname,
> >> &pdata[20], len, STR_TERMINATE,
> >> &status);
>
> Do we have an existing piece in the smb2 torture tests that shows that
> this necessary? If there is a test in place, I think the patch is valid.
Yep, we already have such a test. Check out smb2.rename - and we have:
selftest/knownfail:^samba3.smb2.rename.*.simple_nodelete
selftest/knownfail:^samba3.smb2.rename.*.no_share_delete_no_delete_access
selftest/knownfail:^samba4.smb2.rename.simple\(.*\)$
selftest/knownfail:^samba4.smb2.rename.no_sharing\(.*\)$
selftest/knownfail:^samba4.smb2.rename.share_delete_and_delete_access\(.*\)$
selftest/knownfail:^samba4.smb2.rename.no_share_delete_but_delete_access\(.*\)$
selftest/knownfail:^samba4.smb2.rename.share_delete_no_delete_access\(.*\)$
selftest/knownfail:^samba4.smb2.rename.no_share_delete_no_delete_access\(.*\)$
selftest/knownfail:^samba4.smb2.rename.msword
So I think we can scratch some of these knownfails off the list with this
fix :-).
Jeremy.
More information about the samba-technical
mailing list