diff options
| author | Jeremy Allison <jra@samba.org> | 2001-04-14 00:19:12 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2001-04-14 00:19:12 +0000 |
| commit | 53850c51caf1c4d53ff285b2e5505e0615beeeee (patch) | |
| tree | 03e7d594efd340da6909e0efa2cf3dd05b6a610b /source3/smbd/dosmode.c | |
| parent | 9444e9d9f350961b594a1acbe7a7652d97faec0a (diff) | |
| download | samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.tar.gz samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.tar.bz2 samba-53850c51caf1c4d53ff285b2e5505e0615beeeee.zip | |
configure:
configure.in:
include/config.h.in:
include/profile.h:
smbd/vfs-wrap.c:
smbd/vfs.c:
Added fchmod and fchown to VFS (sorry Gerald - but we needed them anyway).
smbd/dosmode.c:
smbd/files.c:
printing/printfsp.c:
smbd/close.c:
smbd/open.c:
Fixed "dos filemode" correctly so there are no race conditions. Forces test
of open of file O_WRONLY before allowing fchmod as root. Afterwards, calls
standard close function that preserves POSIX locks due to POSIX-me-harder
braindamage. :-). Andrew please review this code.
Also - in removing the tmpdir param in smbrun an extra NULL parameter
was missed in each print_run_command() call (which is a varargs fn.).
Now fixed.
Jeremy.
(This used to be commit 32397e5bc6d995ce7ca37c82d6aedc1e5b1b6fbd)
Diffstat (limited to 'source3/smbd/dosmode.c')
| -rw-r--r-- | source3/smbd/dosmode.c | 26 |
1 files changed, 15 insertions, 11 deletions
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 8b2c482b0a..9ec1fa2606 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -184,7 +184,6 @@ chmod a file - but preserve some bits ********************************************************************/ int file_chmod(connection_struct *conn,char *fname,int dosmode,SMB_STRUCT_STAT *st) { - extern struct current_user current_user; SMB_STRUCT_STAT st1; int mask=0; mode_t tmp; @@ -250,16 +249,21 @@ int file_chmod(connection_struct *conn,char *fname,int dosmode,SMB_STRUCT_STAT * /* Check if we have write access. */ if (CAN_WRITE(conn)) { - if (((st->st_mode & S_IWOTH) || - conn->admin_user || - ((st->st_mode & S_IWUSR) && current_user.uid==st->st_uid) || - ((st->st_mode & S_IWGRP) && - in_group(st->st_gid,current_user.gid, current_user.ngroups,current_user.groups)))) { - /* We are allowed to become root and change the file mode. */ - become_root(); - ret = vfs_chmod(conn,fname,unixmode); - unbecome_root(); - } + /* + * We need to open the file with write access whilst + * still in our current user context. This ensures we + * are not violating security in doing the fchmod. + * This file open does *not* break any oplocks we are + * holding. We need to review this.... may need to + * break batch oplocks open by others. JRA. + */ + files_struct *fsp = open_file_fchmod(conn,fname,st); + if (!fsp) + return -1; + become_root(); + ret = conn->vfs_ops.fchmod(fsp, fsp->fd, unixmode); + unbecome_root(); + close_file_fchmod(fsp); } return( ret ); |