summaryrefslogtreecommitdiff
path: root/source3/smbd/uid.c
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2012-10-25 17:07:29 -0700
committerMichael Adam <obnox@samba.org>2012-10-29 16:26:20 +0100
commit3a4b755ce5b4be1981d12d5b6f3eb563ef079707 (patch)
tree16cafa6bf2f067b44373ec8ee342f6ad522a3e62 /source3/smbd/uid.c
parent334044f6fa11b5a9ac66afdc95add5e1522e6baa (diff)
downloadsamba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.tar.gz
samba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.tar.bz2
samba-3a4b755ce5b4be1981d12d5b6f3eb563ef079707.zip
Fix bug #9329 - Directory listing with SeBackup can crash smbd.
When we do a become_root()/unbecome_root() pair to temporarily raise privilege, this NULLs out the NT token. If we're within a become_root()/unbecome_root() pair then return the previous token on the stack as our NT token. This is what we should be using to check against NT ACLs in the file server. This copes with security context changing when removing a file on close under the context of another user (when 2 users have a file open, one sets delete on close and then the other user has to actually do the delete). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Oct 29 16:26:20 CET 2012 on sn-devel-104
Diffstat (limited to 'source3/smbd/uid.c')
-rw-r--r--source3/smbd/uid.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index eac5d9d97e..30c7154a14 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -533,9 +533,19 @@ const struct security_unix_token *get_current_utok(connection_struct *conn)
return &current_user.ut;
}
+/****************************************************************************
+ Return the Windows token we are running effectively as on this connection.
+ If this is currently a NULL token as we're inside become_root() - a temporary
+ UNIX security override, then we search up the stack for the previous active
+ token.
+****************************************************************************/
+
const struct security_token *get_current_nttok(connection_struct *conn)
{
- return current_user.nt_user_token;
+ if (current_user.nt_user_token) {
+ return current_user.nt_user_token;
+ }
+ return sec_ctx_active_token();
}
uint64_t get_current_vuid(connection_struct *conn)