summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2005-04-17 07:57:45 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:56:38 -0500
commitb39c949ae05ee990bd8daa588e92c768185761b5 (patch)
treed73bee42891748ea6da9c70661356b8f49af7b05 /source3/smbd
parentb49c586de46396018bf26828d78e591e67de3c0f (diff)
downloadsamba-b39c949ae05ee990bd8daa588e92c768185761b5.tar.gz
samba-b39c949ae05ee990bd8daa588e92c768185761b5.tar.bz2
samba-b39c949ae05ee990bd8daa588e92c768185761b5.zip
r6365: Wow, how much worse does this get. From info provided by
Eric Stewart <eric@lib.usf.edu> I realised we weren't checking against the current effective groupid (set by force group) as well as the group list. Fix this. Jeremy. (This used to be commit 0c4058c0732b1faa87ca64b8f95ad2fe3106a69f)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/posix_acls.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 738f9d76f3..353f9a3b03 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3852,6 +3852,23 @@ match on user %u -> %s.\n", fname, (unsigned int)*puid, ret ? "can write" : "can
if (pgid == NULL) {
goto check_stat;
}
+
+ /* Does it match the current effective group ? */
+ if (current_user.gid == *pgid) {
+ ret = have_write;
+ DEBUG(10,("check_posix_acl_group_write: file %s \
+match on group %u -> can write.\n", fname, (unsigned int)*pgid ));
+
+ /* If we don't have write permission this entry doesn't
+ * prevent the subsequent enumeration of the supplementary
+ * groups.
+ */
+ if (have_write) {
+ goto done;
+ }
+ }
+
+ /* Continue with the supplementary groups. */
for (i = 0; i < current_user.ngroups; i++) {
if (current_user.groups[i] == *pgid) {
ret = have_write;
@@ -3883,6 +3900,15 @@ match on group %u -> can write.\n", fname, (unsigned int)*pgid ));
/* Do we match on the owning group entry ? */
+ /* First, does it match the current effective group ? */
+ if (current_user.gid == psbuf->st_gid) {
+ ret = (psbuf->st_mode & S_IWGRP) ? 1 : 0;
+ DEBUG(10,("check_posix_acl_group_write: file %s \
+match on owning group %u -> %s.\n", fname, (unsigned int)psbuf->st_gid, ret ? "can write" : "cannot write"));
+ goto done;
+ }
+
+ /* If not look at the supplementary groups. */
for (i = 0; i < current_user.ngroups; i++) {
if (current_user.groups[i] == psbuf->st_gid) {
ret = (psbuf->st_mode & S_IWGRP) ? 1 : 0;