Bug 10252 - Access Based Enuemration: User can see/list folders/files even when they denied to either read attribute or read extend attribiute permission
werth at linux.vnet.ibm.com
Wed Nov 6 08:08:42 MST 2013
On Wed, 2013-11-06 at 12:20 +0530, Partha Sarathi wrote:
> bash-4.0$ diff -up smbd/dir.c smbd/dir.c.fix
> --- smbd/dir.c 2013-11-05 22:42:44.565464984 -0800
> - return can_access_file_acl(conn, smb_fname, FILE_READ_DATA);
> + return can_access_file_acl(conn, smb_fname, (FILE_READ_DATA |
> FILE_READ_EA | FILE_READ_ATTRIBUTES));
> Note: I have done the unit test and it just works like Windows i.e even if
> the user is just denied for any one of the READ permissions samba hides the
> folder/files with the above changes.
I just tried a few things with Access based enumeration and I actually
needed the permission to read permissions as well on the windows folders
before I could see them.
I was using two windows 2008r2 systems for my test.
Did I miss something that I needed that read permission on top of the
More information about the samba-technical