summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-03-02 03:41:44 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:55:50 -0500
commite9d360aae9ed73da0382204e47a3545cf0d8572c (patch)
tree194fbf9b79d1e8d6b0f8b4c4f484afc465b1dc57
parent6b06ba4a87f357b608067a8d74ed1dd78c0d78a6 (diff)
downloadsamba-e9d360aae9ed73da0382204e47a3545cf0d8572c.tar.gz
samba-e9d360aae9ed73da0382204e47a3545cf0d8572c.tar.bz2
samba-e9d360aae9ed73da0382204e47a3545cf0d8572c.zip
r5616: Forgot about the sticky bit on directories (commonly set on /tmp). If this is set
then only the owner or root can delete a file. We now use the same algorithm to check file delete. Jeremy. (This used to be commit eb18104d10428a5daef2316088edc3dbaff58708)
-rw-r--r--source3/smbd/posix_acls.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d02edc5ea0..c5f96db85c 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3903,10 +3903,26 @@ BOOL can_delete_file_in_directory(connection_struct *conn, const char *fname)
if (current_user.uid == sbuf.st_uid) {
return (sbuf.st_mode & S_IWUSR) ? True : False;
}
+
+#ifdef S_ISVTX
+ /* sticky bit means delete only by owner or root. */
+ if (sbuf.st_mode & S_ISVTX) {
+ SMB_STRUCT_STAT sbuf_file;
+ if(SMB_VFS_STAT(conn, fname, &sbuf_file) != 0) {
+ return False;
+ }
+ if (current_user.uid == sbuf_file.st_uid) {
+ return True;
+ }
+ return False;
+ }
+#endif
+
/* Check group ownership. */
ret = check_posix_acl_group_write(conn, dname, &sbuf);
if (ret == 0 || ret == 1) {
return ret ? True : False;
}
+
return (sbuf.st_mode & S_IWOTH) ? True : False;
}