diff options
author | Jeremy Allison <jra@samba.org> | 2011-11-04 15:45:13 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2011-11-04 15:45:13 -0700 |
commit | 60b741415d9357f11ae1db80f93035058fdbe4e8 (patch) | |
tree | 7d0cf3c86e1280627fc35cafe6f562ea364ed2e8 | |
parent | 48512193338663df5dc4cd52179bc94337eb7113 (diff) | |
download | samba-60b741415d9357f11ae1db80f93035058fdbe4e8.tar.gz samba-60b741415d9357f11ae1db80f93035058fdbe4e8.tar.bz2 samba-60b741415d9357f11ae1db80f93035058fdbe4e8.zip |
Remove can_access_file_data() - make it use the standard smbd_check_access_rights() instead.
-rw-r--r-- | source3/modules/onefs_open.c | 4 | ||||
-rw-r--r-- | source3/smbd/file_access.c | 59 | ||||
-rw-r--r-- | source3/smbd/open.c | 4 |
3 files changed, 7 insertions, 60 deletions
diff --git a/source3/modules/onefs_open.c b/source3/modules/onefs_open.c index dd4eb90b13..d7b2af3544 100644 --- a/source3/modules/onefs_open.c +++ b/source3/modules/onefs_open.c @@ -1042,8 +1042,8 @@ NTSTATUS onefs_open_file_ntcreate(connection_struct *conn, if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) || - !can_access_file_data(conn, smb_fname, - can_access_mask)) { + !NT_STATUS_IS_OK(smbd_check_access_rights(conn, + smb_fname, can_access_mask))) { can_access = False; } diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index c2203673f3..81cb7bd43f 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -177,61 +177,6 @@ bool can_delete_file_in_directory(connection_struct *conn, } /**************************************************************************** - Actually emulate the in-kernel access checking for read/write access. We need - this to successfully check for ability to write for dos filetimes. - Note this doesn't take into account share write permissions. -****************************************************************************/ - -bool can_access_file_data(connection_struct *conn, - const struct smb_filename *smb_fname, - uint32 access_mask) -{ - if (!(access_mask & (FILE_READ_DATA|FILE_WRITE_DATA))) { - return False; - } - access_mask &= (FILE_READ_DATA|FILE_WRITE_DATA); - - /* some fast paths first */ - - DEBUG(10,("can_access_file_data: requesting 0x%x on file %s\n", - (unsigned int)access_mask, smb_fname_str_dbg(smb_fname))); - - if (get_current_uid(conn) == (uid_t)0) { - /* I'm sorry sir, I didn't know you were root... */ - return True; - } - - SMB_ASSERT(VALID_STAT(smb_fname->st)); - - /* Check primary owner access. */ - if (get_current_uid(conn) == smb_fname->st.st_ex_uid) { - switch (access_mask) { - case FILE_READ_DATA: - return (smb_fname->st.st_ex_mode & S_IRUSR) ? - True : False; - - case FILE_WRITE_DATA: - return (smb_fname->st.st_ex_mode & S_IWUSR) ? - True : False; - - default: /* FILE_READ_DATA|FILE_WRITE_DATA */ - - if ((smb_fname->st.st_ex_mode & - (S_IWUSR|S_IRUSR)) == - (S_IWUSR|S_IRUSR)) { - return True; - } else { - return False; - } - } - } - - /* now for ACL checks */ - - return can_access_file_acl(conn, smb_fname, access_mask); -} - -/**************************************************************************** Userspace check for write access. Note this doesn't take into account share write permissions. ****************************************************************************/ @@ -239,7 +184,9 @@ bool can_access_file_data(connection_struct *conn, bool can_write_to_file(connection_struct *conn, const struct smb_filename *smb_fname) { - return can_access_file_data(conn, smb_fname, FILE_WRITE_DATA); + return NT_STATUS_IS_OK(smbd_check_access_rights(conn, + smb_fname, + FILE_WRITE_DATA)); } /**************************************************************************** diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 2f79908b62..a1a247fca2 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2081,8 +2081,8 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, if (((can_access_mask & FILE_WRITE_DATA) && !CAN_WRITE(conn)) || - !can_access_file_data(conn, smb_fname, - can_access_mask)) { + !NT_STATUS_IS_OK(smbd_check_access_rights(conn, + smb_fname, can_access_mask))) { can_access = False; } |