[Samba] Re: XFS and inherit permissions bug?

initiators at free.fr initiators at free.fr
Fri Jan 4 14:55:33 GMT 2008


Hello

I've seen nothing new on the Samba mailing list about this one, is there
a plan to make this an official patch?
This could also probably be considered a security issue and be
integrated in the Debian package?


David Disseldorp wrote:
> Hi
> 
> On Fri, 09 Nov 2007 15:05:22 +0100
> "initiators at free.fr" <initiators at free.fr> wrote:
> 
> 
> Finally got to the bottom of this one. To sum it up, the setgid bit is lost
> by XFS under certain circumstances when performing acl_set_file() as non 
> root during inherit_access_acl().
> 
> This is different to how EXT3 behaves in this case - setgid remains.
> 
> Samba 3.0.24 source/smbd/vfs.c:
>     int vfs_MkDir(connection_struct *conn, const char *name, mode_t mode)
>     {
>         int ret;
>         SMB_STRUCT_STAT sbuf;
> 
>         if(!(ret=SMB_VFS_MKDIR(conn, name, mode))) {
> 
>             inherit_access_acl(conn, name, mode);
> 
> After this there is a check whether any high mode bits are lost (setgid):
> 
>             if(mode & ~(S_IRWXU|S_IRWXG|S_IRWXO) &&
>                     !SMB_VFS_STAT(conn,name,&sbuf) && (mode & ~sbuf.st_mode))
>                 SMB_VFS_CHMOD(conn,name,sbuf.st_mode | (mode & ~sbuf.st_mode));
> 
> Only problem is the SMB_VFS_CHMOD does a chmod_acl() which eventually ends up
> calling acl_set_file(), and we're back to where we started ;)
> 
> Anyhow this patch for 3.0.24 should fix the setgid inheritance problem:
> 
> ----- start patch -----
> Index: samba-3.0.24.vanilla/source/smbd/posix_acls.c
> ===================================================================
> --- samba-3.0.24.vanilla.orig/source/smbd/posix_acls.c  2007-11-02 11:12:05.338179162 +1100
> +++ samba-3.0.24.vanilla/source/smbd/posix_acls.c       2007-11-22 17:09:31.351873317 +1100
> @@ -3450,7 +3450,12 @@
>         if ((ret = chmod_acl_internals(conn, posix_acl, mode)) == -1)
>                 goto done;
> 
> +       /*
> +        * high mode bits (SGID) may be lost if acl_set_file is not run as root
> +        */
> +       become_root();
>         ret = SMB_VFS_SYS_ACL_SET_FILE(conn, to, SMB_ACL_TYPE_ACCESS, posix_acl);
> +       unbecome_root();
> 
>   done:
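Review bot: become_root() ahead of SMB_VFS_SYS_ACL_SET_FILE() is unconditional, so every caller that reaches this point now sets the access ACL on `to` with root privilege, on every filesystem, not only where the setgid bit was seen to be lost. Nothing in the visible lines shows that the connected user's right to change the ACL on `to` has been checked before the elevation, so please confirm that check happens earlier in the function or add it before become_root(). The new comment should also name the filesystem and condition that trigger the loss. If unbecome_root() can change errno, save and restore it around that call so the caller sees the ACL call's error after `done:`.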
> ----- end patch -----
> 
> The XFS team are looking into the issue. Thanks again for your bug report.
> 
> Cheers, Dave
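The quoted message turns on detecting high mode bits that disappear after an operation on a path. The following is an added example (not Samba code and not part of either message) of a small C harness that reports which of setuid/setgid/sticky a given path operation drops on a scratch directory. `lossy_op`, `benign_op`, `high_bits_lost` and `check_op` are hypothetical names; `lossy_op` is a constructed stand-in for the non-root ACL call the thread describes, which on a real system would be run as the unprivileged user on the filesystem under test.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* for mkdtemp() and S_ISVTX under strict -std */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

#define HIGH_BITS (S_ISUID | S_ISGID | S_ISVTX)

typedef int (*path_op)(const char *path);

/* Constructed stand-in: an operation that silently drops setgid. */
static int lossy_op(const char *path) { return chmod(path, 0750); }

/* Constructed stand-in: an operation that leaves the mode untouched. */
static int benign_op(const char *path) { return access(path, F_OK); }

/* Returns the high mode bits that were set before op and are missing
 * afterwards, or (mode_t)-1 if stat() or op fails. */
static mode_t high_bits_lost(const char *path, path_op op)
{
    struct stat before, after;
    if (stat(path, &before) != 0 || op(path) != 0 || stat(path, &after) != 0)
        return (mode_t)-1;
    return (before.st_mode & HIGH_BITS) & ~after.st_mode;
}

/* Creates a scratch setgid directory, runs op on it, removes it, and
 * returns the lost bits (0 means nothing was lost). */
static mode_t check_op(path_op op)
{
    char tmpl[] = "/tmp/sgidcheck.XXXXXX";
    mode_t lost;
    if (mkdtemp(tmpl) == NULL)
        return (mode_t)-1;
    lost = (chmod(tmpl, 02750) == 0) ? high_bits_lost(tmpl, op) : (mode_t)-1;
    rmdir(tmpl);
    return lost;
}

int main(void)
{
    printf("lossy op lost:  %04o\n", (unsigned)check_op(lossy_op));
    printf("benign op lost: %04o\n", (unsigned)check_op(benign_op));
    return 0;
}
```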


