diff options
author | Jeremy Allison <jra@samba.org> | 2010-02-05 15:20:18 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2010-02-05 15:20:18 -0800 |
commit | bd269443e311d96ef495a9db47d1b95eb83bb8f4 (patch) | |
tree | 5324577b3945cd4184da50e8b4f2ccc018a5621a | |
parent | abbd0f9195fe9b4feb29b86a04c88be001e2737a (diff) | |
download | samba-bd269443e311d96ef495a9db47d1b95eb83bb8f4.tar.gz samba-bd269443e311d96ef495a9db47d1b95eb83bb8f4.tar.bz2 samba-bd269443e311d96ef495a9db47d1b95eb83bb8f4.zip |
Fix bug 7104 - "wide links" and "unix extensions" are incompatible.
Change parameter "wide links" to default to "no".
Ensure "wide links = no" if "unix extensions = yes" on a share.
Fix man pages to refect this.
Remove "within share" checks for a UNIX symlink set - even if
widelinks = no. The server will not follow that link anyway.
Correct DEBUG message in check_reduced_name() to add missing "\n"
so it's really clear when a path is being denied as it's outside
the enclosing share path.
Jeremy.
-rw-r--r-- | docs-xml/smbdotconf/misc/widelinks.xml | 13 | ||||
-rw-r--r-- | docs-xml/smbdotconf/protocol/unixextensions.xml | 3 | ||||
-rw-r--r-- | source3/param/loadparm.c | 2 | ||||
-rw-r--r-- | source3/smbd/service.c | 8 | ||||
-rw-r--r-- | source3/smbd/trans2.c | 36 | ||||
-rw-r--r-- | source3/smbd/vfs.c | 2 |
6 files changed, 22 insertions, 42 deletions
diff --git a/docs-xml/smbdotconf/misc/widelinks.xml b/docs-xml/smbdotconf/misc/widelinks.xml index fb707c1950..1c30bb768a 100644 --- a/docs-xml/smbdotconf/misc/widelinks.xml +++ b/docs-xml/smbdotconf/misc/widelinks.xml @@ -9,10 +9,15 @@ server are always allowed; this parameter controls access only to areas that are outside the directory tree being exported.</para> - <para>Note that setting this parameter can have a negative - effect on your server performance due to the extra system calls - that Samba has to do in order to perform the link checks.</para> + <para>Note: Turning this parameter on when UNIX extensions are enabled + will allow UNIX clients to create symbolic links on the share that + can point to files or directories outside restricted path exported + by the share definition. This can cause access to areas outside of + the share. Due to this problem, this parameter will be automatically + disabled (with a message in the log file) if the + <smbconfoption name="unix extensions"/> option is on. + </para> </description> -<value type="default">yes</value> +<value type="default">no</value> </samba:parameter> diff --git a/docs-xml/smbdotconf/protocol/unixextensions.xml b/docs-xml/smbdotconf/protocol/unixextensions.xml index da9ad10a29..36e72d2a9f 100644 --- a/docs-xml/smbdotconf/protocol/unixextensions.xml +++ b/docs-xml/smbdotconf/protocol/unixextensions.xml @@ -10,6 +10,9 @@ by supporting features such as symbolic links, hard links, etc... These extensions require a similarly enabled client, and are of no current use to Windows clients.</para> + <para> + Note if this parameter is turned on, the <smbconfoption name="wide links"/> + parameter will automatically be disabled. </description> <value type="default">yes</value> diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index bd70ee1828..5bac25c433 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -606,7 +606,7 @@ static struct service sDefault = { True, /* bLevel2OpLocks */ False, /* bOnlyUser */ True, /* bMangledNames */ - True, /* bWidelinks */ + false, /* bWidelinks */ True, /* bSymlinks */ False, /* bSyncAlways */ False, /* bStrictAllocate */ diff --git a/source3/smbd/service.c b/source3/smbd/service.c index e8775ffd7b..8039d16586 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -1039,6 +1039,14 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, } #endif + if (lp_unix_extensions() && lp_widelinks(snum)) { + DEBUG(0,("Share '%s' has wide links and unix extensions enabled. " + "These parameters are incompatible. " + "Disabling wide links for this share.\n", + lp_servicename(snum) )); + lp_do_parameter(snum, "wide links", "False"); + } + /* Figure out the characteristics of the underlying filesystem. This * assumes that all the filesystem mounted withing a share path have * the same characteristics, which is likely but not guaranteed. diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index df61167354..28862d1f4e 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -5836,42 +5836,6 @@ static NTSTATUS smb_set_file_unix_link(connection_struct *conn, return NT_STATUS_INVALID_PARAMETER; } - /* !widelinks forces the target path to be within the share. */ - /* This means we can interpret the target as a pathname. */ - if (!lp_widelinks(SNUM(conn))) { - char *rel_name = NULL; - char *last_dirp = NULL; - - if (*link_target == '/') { - /* No absolute paths allowed. */ - return NT_STATUS_ACCESS_DENIED; - } - rel_name = talloc_strdup(ctx,newname); - if (!rel_name) { - return NT_STATUS_NO_MEMORY; - } - last_dirp = strrchr_m(rel_name, '/'); - if (last_dirp) { - last_dirp[1] = '\0'; - } else { - rel_name = talloc_strdup(ctx,"./"); - if (!rel_name) { - return NT_STATUS_NO_MEMORY; - } - } - rel_name = talloc_asprintf_append(rel_name, - "%s", - link_target); - if (!rel_name) { - return NT_STATUS_NO_MEMORY; - } - - status = check_name(conn, rel_name); - if (!NT_STATUS_IS_OK(status)) { - return status; - } - } - DEBUG(10,("smb_set_file_unix_link: SMB_SET_FILE_UNIX_LINK doing symlink %s -> %s\n", newname, link_target )); diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c index 5acec70f54..94bdb1f495 100644 --- a/source3/smbd/vfs.c +++ b/source3/smbd/vfs.c @@ -945,7 +945,7 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname) strlen(conn_rootdir)) != 0) { DEBUG(2, ("check_reduced_name: Bad access " "attempt: %s is a symlink outside the " - "share path", fname)); + "share path\n", fname)); if (free_resolved_name) { SAFE_FREE(resolved_name); } |