diff options
author | Jeremy Allison <jra@samba.org> | 2010-02-12 22:45:37 -0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2010-02-12 22:45:37 -0800 |
commit | d46d7717c7bdc1b404ff53d7831ed00d556a940f (patch) | |
tree | e8f2649acc00e592854d0887019a2c9c3a9d0398 /source3/lib/server_mutex.c | |
parent | 10e54fb422d9f1ae6d33e5fabbf8c651b0e57a8c (diff) | |
download | samba-d46d7717c7bdc1b404ff53d7831ed00d556a940f.tar.gz samba-d46d7717c7bdc1b404ff53d7831ed00d556a940f.tar.bz2 samba-d46d7717c7bdc1b404ff53d7831ed00d556a940f.zip |
Simplify the logic in make_connection_snum(), and make it match Windows behavior.
Cause all exit paths to go through one place, where all cleanup is
done. change_to_root_user() for pathname operations that should succeed if
the path exists, even if the connecting user has no access.
For example, a share can now be defined with a path of /root/only/access
(where /root/only/access is a directory path with all components only
accessible to root e.g. root owned, permissions 700 on every component).
Non-root users will now correctly connect, but get ACCESS_DENIED on
all activities (which matches Windows behavior). Previously, non-root
users would get NT_STATUS_BAD_NETWORK_NAME on doing a TConX to this
share, even though it's a perfectly valid share path (just not accessible
to them).
This change was inspired by the research I did for bug #7126, which
was reported by bepi@adria.it.
As this is a change in a core function, I'm proposing to leave
this only in master for 3.6.0, not back-port to any existing releases.
This should give us enough time to decide if this is the way we want this to
behave (as Windows) or if we prefer the previous behavior.
Jeremy.
Diffstat (limited to 'source3/lib/server_mutex.c')
0 files changed, 0 insertions, 0 deletions