diff options
author | Jeremy Allison <jra@samba.org> | 2012-10-25 17:07:29 -0700 |
---|---|---|
committer | Michael Adam <obnox@samba.org> | 2012-10-29 16:26:20 +0100 |
commit | 3a4b755ce5b4be1981d12d5b6f3eb563ef079707 (patch) | |
tree | 16cafa6bf2f067b44373ec8ee342f6ad522a3e62 /source3/smbd/proto.h | |
parent | 334044f6fa11b5a9ac66afdc95add5e1522e6baa (diff) | |
download | samba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.tar.gz samba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.tar.bz2 samba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.zip |
Fix bug #9329 - Directory listing with SeBackup can crash smbd.
When we do a become_root()/unbecome_root() pair to temporarily
raise privilege, this NULLs out the NT token. If we're within
a become_root()/unbecome_root() pair then return the previous
token on the stack as our NT token. This is what we should be
using to check against NT ACLs in the file server. This copes
with security context changing when removing a file on close
under the context of another user (when 2 users have a file
open, one sets delete on close and then the other user has
to actually do the delete).
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Mon Oct 29 16:26:20 CET 2012 on sn-devel-104
Diffstat (limited to 'source3/smbd/proto.h')
-rw-r--r-- | source3/smbd/proto.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index d218184024..c80ef14a01 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -952,6 +952,7 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const struct void set_root_sec_ctx(void); bool pop_sec_ctx(void); void init_sec_ctx(void); +const struct security_token *sec_ctx_active_token(void); /* The following definitions come from smbd/server.c */ |