summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2004-08-31 22:52:05 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:52:33 -0500
commit3f9bc7fe07364af205741efcbfd3295fc4b81b46 (patch)
treed4cfc715aa130322ec87958897cb8fe1be9cc248 /source3/smbd
parente197fb368afd2e22d8a481b0d1adfbb74093ef06 (diff)
downloadsamba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.tar.gz
samba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.tar.bz2
samba-3f9bc7fe07364af205741efcbfd3295fc4b81b46.zip
r2152: Fix for bug #1674, move the symlinks checks into reduce_name().
Jeremy. (This used to be commit 341771857fecf9ef72a436c42e0571d486fa0dde)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/filename.c18
-rw-r--r--source3/smbd/vfs.c42
2 files changed, 20 insertions, 40 deletions
diff --git a/source3/smbd/filename.c b/source3/smbd/filename.c
index e12cfb1388..279c9dd3c4 100644
--- a/source3/smbd/filename.c
+++ b/source3/smbd/filename.c
@@ -414,26 +414,10 @@ BOOL check_name(pstring name,connection_struct *conn)
}
}
- if (!lp_widelinks(SNUM(conn))) {
+ if (!lp_widelinks(SNUM(conn)) || !lp_symlinks(SNUM(conn))) {
ret = reduce_name(conn,name);
}
- /* Check if we are allowing users to follow symlinks */
- /* Patch from David Clerc <David.Clerc@cui.unige.ch>
- University of Geneva */
-
-#ifdef S_ISLNK
- if (!lp_symlinks(SNUM(conn))) {
- SMB_STRUCT_STAT statbuf;
- if ( (SMB_VFS_LSTAT(conn,name,&statbuf) != -1) &&
- (S_ISLNK(statbuf.st_mode)) ) {
- DEBUG(3,("check_name: denied: file path name %s is a symlink\n",name));
- errno = EACCES;
- ret = False;
- }
- }
-#endif
-
if (!ret) {
DEBUG(5,("check_name on %s failed\n",name));
}
diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c
index a47f040f6a..0328558fe8 100644
--- a/source3/smbd/vfs.c
+++ b/source3/smbd/vfs.c
@@ -909,7 +909,8 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
return False;
}
- if (strncmp(conn->connectpath, resolved_name, con_path_len) != 0) {
+ /* Check for widelinks allowed. */
+ if (!lp_widelinks(SNUM(conn)) && (strncmp(conn->connectpath, resolved_name, con_path_len) != 0)) {
DEBUG(2, ("reduce_name: Bad access attempt: %s is a symlink outside the share path", fname));
if (free_resolved_name)
SAFE_FREE(resolved_name);
@@ -917,28 +918,23 @@ BOOL reduce_name(connection_struct *conn, const pstring fname)
return False;
}
- /* Move path the connect path to the last part of the filename. */
- p = resolved_name + con_path_len;
- if (*p == '/') {
- p++;
- }
-
- if (!*p) {
- if (fname[0] == '.' && fname[1] == '/' && fname[2] == '\0') {
- pstrcpy(resolved_name, "./");
- } else {
- pstrcpy(resolved_name, ".");
- }
- p = resolved_name;
- }
-
- if (!lp_symlinks(SNUM(conn)) && (strcmp(fname, p)!=0)) {
- DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",fname));
- if (free_resolved_name)
- SAFE_FREE(resolved_name);
- errno = EACCES;
- return False;
- }
+ /* Check if we are allowing users to follow symlinks */
+ /* Patch from David Clerc <David.Clerc@cui.unige.ch>
+ University of Geneva */
+
+#ifdef S_ISLNK
+ if (!lp_symlinks(SNUM(conn))) {
+ SMB_STRUCT_STAT statbuf;
+ if ( (SMB_VFS_LSTAT(conn,fname,&statbuf) != -1) &&
+ (S_ISLNK(statbuf.st_mode)) ) {
+ if (free_resolved_name)
+ SAFE_FREE(resolved_name);
+ DEBUG(3,("reduce_name: denied: file path name %s is a symlink\n",resolved_name));
+ errno = EACCES;
+ return False;
+ }
+ }
+#endif
DEBUG(3,("reduce_name: %s reduced to %s\n", fname, p));
if (free_resolved_name)