summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-01-27 02:33:21 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:17:28 -0500
commit3bd12f9658ef5b2058183a561a7e451c40e68099 (patch)
tree96c8875cdad0bb8d9cbbfb7cf326b34c0694c5c6 /source3/smbd
parentf779904af5db7b649a756585b5343c5536e57bed (diff)
downloadsamba-3bd12f9658ef5b2058183a561a7e451c40e68099.tar.gz
samba-3bd12f9658ef5b2058183a561a7e451c40e68099.tar.bz2
samba-3bd12f9658ef5b2058183a561a7e451c40e68099.zip
r21035: Remove unneeded checks on incoming uid/gid for
mknod (fifo) unix extensions code. Problem discovered by Anders Karlsson <anders.karlsson@redhat.com>. Jeremy. (This used to be commit ec6033ad7c8d343969e3dcf59232cb16d075364f)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/trans2.c50
1 files changed, 35 insertions, 15 deletions
diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 8afd3de130..c67a52fe8d 100644
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -4200,6 +4200,7 @@ static int call_trans2setfilepathinfo(connection_struct *conn, char *inbuf, char
case SMB_SET_FILE_UNIX_BASIC:
{
uint32 raw_unixmode;
+ BOOL delete_on_fail = False;
if (total_data < 100) {
return ERROR_NT(NT_STATUS_INVALID_PARAMETER);
@@ -4247,8 +4248,6 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
uint32 dev_minor = IVAL(pdata,12);
#endif
- uid_t myuid = geteuid();
- gid_t mygid = getegid();
SMB_DEV_T dev = (SMB_DEV_T)0;
if (tran_call == TRANSACT2_SETFILEINFO)
@@ -4262,13 +4261,6 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
dev = makedev(dev_major, dev_minor);
#endif
- /* We can only create as the owner/group we are. */
-
- if ((set_owner != myuid) && (set_owner != (uid_t)SMB_UID_NO_CHANGE))
- return(ERROR_DOS(ERRDOS,ERRnoaccess));
- if ((set_grp != mygid) && (set_grp != (gid_t)SMB_GID_NO_CHANGE))
- return(ERROR_DOS(ERRDOS,ERRnoaccess));
-
switch (file_type) {
#if defined(S_IFIFO)
case UNIX_TYPE_FIFO:
@@ -4298,8 +4290,15 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
0%o for file %s\n", (double)dev, unixmode, fname ));
/* Ok - do the mknod. */
- if (SMB_VFS_MKNOD(conn,fname, unixmode, dev) != 0)
+ if (SMB_VFS_MKNOD(conn,fname, unixmode, dev) != 0) {
return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
+
+ /* If any of the other "set" calls fail we
+ * don't want to end up with a half-constructed mknod.
+ */
+
+ delete_on_fail = True;
if (lp_inherit_perms(SNUM(conn))) {
inherit_access_acl(
@@ -4307,9 +4306,18 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
fname, unixmode);
}
- SSVAL(params,0,0);
- send_trans2_replies(outbuf, bufsize, params, 2, *ppdata, 0, max_data_bytes);
- return(-1);
+ if (SMB_VFS_STAT(conn, fname, &sbuf) != 0) {
+ int saved_errno = errno;
+ SMB_VFS_UNLINK(conn,fname);
+ errno = saved_errno;
+ return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
+
+ /* Ensure we don't try and change anything else. */
+ raw_unixmode = SMB_MODE_NO_CHANGE;
+ size = get_file_size(sbuf);
+ tvs.modtime = sbuf.st_mtime;
+ tvs.actime = sbuf.st_atime;
}
/*
@@ -4330,8 +4338,14 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
if ((set_owner != (uid_t)SMB_UID_NO_CHANGE) && (sbuf.st_uid != set_owner)) {
DEBUG(10,("call_trans2setfilepathinfo: SMB_SET_FILE_UNIX_BASIC changing owner %u for file %s\n",
(unsigned int)set_owner, fname ));
- if (SMB_VFS_CHOWN(conn,fname,set_owner, (gid_t)-1) != 0)
+ if (SMB_VFS_CHOWN(conn,fname,set_owner, (gid_t)-1) != 0) {
+ if (delete_on_fail) {
+ int saved_errno = errno;
+ SMB_VFS_UNLINK(conn,fname);
+ errno = saved_errno;
+ }
return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
}
/*
@@ -4341,8 +4355,14 @@ size = %.0f, uid = %u, gid = %u, raw perms = 0%o\n",
if ((set_grp != (uid_t)SMB_GID_NO_CHANGE) && (sbuf.st_gid != set_grp)) {
DEBUG(10,("call_trans2setfilepathinfo: SMB_SET_FILE_UNIX_BASIC changing group %u for file %s\n",
(unsigned int)set_owner, fname ));
- if (SMB_VFS_CHOWN(conn,fname,(uid_t)-1, set_grp) != 0)
+ if (SMB_VFS_CHOWN(conn,fname,(uid_t)-1, set_grp) != 0) {
+ if (delete_on_fail) {
+ int saved_errno = errno;
+ SMB_VFS_UNLINK(conn,fname);
+ errno = saved_errno;
+ }
return(UNIXERROR(ERRDOS,ERRnoaccess));
+ }
}
break;
}