[PATCH 1/2] Fix bug #9329 - Directory listing with SeBackup can crash smbd.
Michael Adam
obnox at samba.org
Mon Oct 29 07:14:05 MDT 2012
On 2012-10-26 at 12:52 +1100, Andrew Bartlett wrote:
> On Thu, 2012-10-25 at 17:07 -0700, Jeremy Allison wrote:
> > When we do a become_root()/unbecome_root() pair to temporarily
> > raise privilege, this NULLs out the NT token. If we're within
> > a become_root()/unbecome_root() pair then return the previous
> > token on the stack as our NT token. This is what we should be
> > using to check against NT ACLs in the file server. This copes
> > with security context changing when removing a file on close
> > under the context of another user (when 2 users have a file
> > open, one sets delete on close and then the other user has
> > to actually do the delete).
> >
> > Signed-off-by: Jeremy Allison <jra at samba.org>
> > [...]
> [...]
> Also, if get_current_nttok() really isn't related to the conn argument,
> we probably should remove it.
That is independent and could be done in a different patch, imho.
Cheers - Michael
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20121029/259ba3fe/attachment.pgp>
More information about the samba-technical
mailing list