Fw: Uid set instead of gid in smb_set_file_unix_basic
Jeremy Allison
jra at samba.org
Mon Apr 9 16:19:51 UTC 2018
On Mon, Apr 09, 2018 at 02:31:54PM +0200, David Disseldorp via samba-technical wrote:
> Thanks for the mail. Forwarding this through to the list until we have
> the email rejection issue resolved...
Great catch Vandana thanks !
I'll log a bug for this and forward the patch for review.
It isn't a security hole (thank goodness) as this code
isn't executed under root, so it only messes up what
the user could do anyway.
Thanks,
Jeremy.
> Begin forwarded message:
>
> Date: Mon, 9 Apr 2018 11:59:09 +0000
> From: "Rungta, Vandana"
> To: "samba-technical-owner"
> Subject: Uid set instead of gid in smb_set_file_unix_basic
>
>
> Hello,
>
> I tried to send the following email to the samba-technical mailing list – but the email was rejected.
>
> Please check the following source code:
>
> In file source3/smbd/trans2.c – in function smb_set_file_unix_basic – under the section of code “Deal with the UNIX specific gid set” if fd != -1
>
> 1. The uid is being set instead of gid.
> 2. The log message right before that line displays set_owner instead of set_grp.
>
> ret = SMB_VFS_FCHOWN(fsp, set_owner, (gid_t)-1); ==> ret = SMB_VFS_FCHOWN(fsp, (uid_t)-1, set_grp);
>
> /*
> * Deal with the UNIX specific gid set.
> */
>
> if ((set_grp != (uid_t)SMB_GID_NO_CHANGE) &&
> (sbuf.st_ex_gid != set_grp)) {
> int ret;
>
> DEBUG(10,("smb_set_file_unix_basic: SMB_SET_FILE_UNIX_BASIC "
> "changing group %u for file %s\n",
> (unsigned int)set_owner,
> smb_fname_str_dbg(smb_fname)));
> if (fsp && fsp->fh->fd != -1) {
> ret = SMB_VFS_FCHOWN(fsp, set_owner, (gid_t)-1);
>
> Thanks,
> Vandana Rungta
>
>
More information about the samba-technical
mailing list