[Samba] User can't access a share that he has full control of

Ephi Dror ephi at agami.com
Mon Aug 21 18:06:02 GMT 2006


Hi Jeremy,

Thanks Jeremy for your reply.

Let me clarify the situation since I had a big typo in my original
posting.

1. Yes, the user has "---" access rights on dir2, but I would still like
to give this user full control on dir3, which I share directly. It can
be done on Windows but can't be done on Samba.

2. You're right, if the user does have "x" access on all directories leading
to dir3, he'll be fine, but I'm not sure the customer will like that
since, as I'm sure you know, more and more Windows customers are
expecting us to be more and more 100% Windows compatible, right!!! And
the customer, I guess, cares less about POSIX or our implementation
challenges.

3. If I do this change for our customers, is there any security issue
here that I haven't thought about?

Thanks so much

Cheers,
Ephi

Here is my change:

In vfs.c:
==========
int vfs_ChDir(connection_struct *conn, const char *path)
{
	int res;
	static pstring LastDir="";

	if (strcsequal(path,"."))
		return(0);

	if (*path == '/' && strcsequal(LastDir,path))
		return(0);

	DEBUG(4,("vfs_ChDir to %s\n",path));
#ifdef EPHI
	if (conn->vuid !=0)
		change_to_root_user();
#endif 
	res = SMB_VFS_CHDIR(conn,path);
#ifdef EPHI
	if (conn->vuid !=0)
		change_to_user(conn, conn->vuid);
#endif 
	if (!res)
		pstrcpy(LastDir,path);
	return(res);
}


In vfs-wraper.c
================
int vfswrap_stat(vfs_handle_struct *handle, connection_struct *conn,
const char *fname, SMB_STRUCT_STAT *sbuf)
{
	int result;

	START_PROFILE(syscall_stat);
#ifdef EPHI
	if (conn->vuid !=0)
		change_to_root_user();
#endif 
	result = sys_stat(fname, sbuf);
#ifdef EPHI
	if (conn->vuid !=0)
		change_to_user(conn, conn->vuid);
#endif 
	END_PROFILE(syscall_stat);
	return result;
}


-----Original Message-----
From: Jeremy Allison [mailto:jra at samba.org] 
Sent: Monday, August 21, 2006 10:23 AM
To: Ephi Dror
Cc: samba at lists.samba.org
Subject: Re: [Samba] User can't access a share that he has full control of

On Mon, Aug 21, 2006 at 10:14:02AM -0700, Ephi Dror wrote:
> Hi all,
>  
> I have noticed that if you create a share to a path, let's say
> \\dir1\dir2\dir3,
> and a user, let's say u1, has full control on dir3 BUT no control at all
> on dir2, then user u1 cannot access the share.

What do you mean by "no control" ? Do you mean "rwx" are set to "---" ?
If so, then yes this would be expected.

> We have a situation with clients who typically do the following:
> Create a share to the root of the file system and give full control
> for the root path only to the administrator, then he creates
> folders and applies ACLs to them and then creates shares to map those
> folders directly.
> Of course, users can access those folders since they don't have search
> right on the entire path.

Looks like the Windows admins have left the by default "don't check
traversal permissions" set for all users. Windows does this by default,
POSIX doesn't.

> Was it done on purpose?

It's a POSIX difference.

> I quickly modified vfs.c and vfs-wraper.c to change to root before
> stat or chdir is done and then change back to the original vuid and
> things started to work.
> Basically, now it works exactly as Windows behaves.

ie. It's ignoring traversal rights.

> Meaning a user can access a share that he has rights to, even though
> the user has no access to all folders leading to that.

I don't want to add this right to Samba. Is there some reason they can't
add the 'x' bit to the top level path ?

Jeremy.
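
The POSIX traversal rule discussed in this thread, as an added example (not Samba code and not written by either poster): a C check that reports which directory on the way to a share path denies search ('x') permission to a given uid/gid, so an administrator can grant 'x' on just that directory. The names traversal_blocker and demo, the /tmp tree and the uid/gid offset are constructed for illustration; only mode bits are evaluated, ACLs and supplementary groups are ignored.

```c
#define _XOPEN_SOURCE 700
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 0 if uid/gid may search every directory between offset `skip` and
 * the last component of `path`, 1 if one denies it (that directory is copied
 * to `out`), -1 on error. The final component (the share root) is not checked. */
int traversal_blocker(const char *path, size_t skip, uid_t uid, gid_t gid,
                      char *out, size_t outlen)
{
	struct stat st;
	size_t i, n = strlen(path);

	if (n >= outlen) return -1;
	for (i = skip + 1; i < n; i++) {
		if (path[i] != '/') continue;
		memcpy(out, path, i);          /* prefix up to this separator */
		out[i] = '\0';
		if (stat(out, &st) != 0) return -1;
		/* POSIX applies exactly one class: owner, else group, else other. */
		mode_t need = uid == st.st_uid ? S_IXUSR : gid == st.st_gid ? S_IXGRP : S_IXOTH;
		if (uid != 0 && !(st.st_mode & need))
			return 1;              /* `out` names the blocking directory */
	}
	out[0] = '\0';
	return 0;
}

/* Constructed tree <tmp>/dir1/dir2/dir3, checked for a hypothetical user who is
 * neither owner nor group of it (u1 in the thread); dir2 gets `dir2_mode`. */
int demo(mode_t dir2_mode, char *out, size_t outlen)
{
	char base[] = "/tmp/trav_demo_XXXXXX", d1[64], d2[80], d3[96];
	int rc;

	if (!mkdtemp(base)) return -1;
	snprintf(d1, sizeof d1, "%s/dir1", base);
	snprintf(d2, sizeof d2, "%s/dir2", d1);
	snprintf(d3, sizeof d3, "%s/dir3", d2);
	if (mkdir(d1, 0755) || mkdir(d2, 0700) || mkdir(d3, 0777)) return -1;
	chmod(d1, 0755);               /* undo any umask effect */
	chmod(d2, dir2_mode);          /* 0700: "---" for u1; 0711: "--x" for u1 */
	rc = traversal_blocker(d3, strlen(base), getuid() + 1000, getgid() + 1000, out, outlen);
	rmdir(d3); rmdir(d2); rmdir(d1); rmdir(base);
	return rc;
}
```

With dir2 at 0700 the check names dir2 as the blocker; at 0711 the hypothetical user can pass through dir2 to dir3 but still cannot list dir2's contents, since read permission is not granted.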
