diff options
author | Jeremy Allison <jra@samba.org> | 2005-05-18 23:37:35 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:56:56 -0500 |
commit | bd16770954424d86298a57d6c59aa69d5b42ce07 (patch) | |
tree | 01dcf664e7d76d365c525e512e783c6e1384634b /source3/smbd | |
parent | fe0ce8dd8e18de6110404661f26db7a66ebac5ad (diff) | |
download | samba-bd16770954424d86298a57d6c59aa69d5b42ce07.tar.gz samba-bd16770954424d86298a57d6c59aa69d5b42ce07.tar.bz2 samba-bd16770954424d86298a57d6c59aa69d5b42ce07.zip |
r6895: Add "acl check permissions" to turn on/off the new behaviour of
checking for write access in a directory before delete. Also
controls checking for write access before labeling a file read-only
if DOS attributes are not being stored in EA's.
Docuementation to follow.
Jeremy.
(This used to be commit dd1a5e6e499dd721c5bb8d56a61810a7454a3449)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/dosmode.c | 17 | ||||
-rw-r--r-- | source3/smbd/nttrans.c | 4 | ||||
-rw-r--r-- | source3/smbd/posix_acls.c | 19 |
3 files changed, 24 insertions, 16 deletions
diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 3a0e81e5fe..65ea2807e7 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -116,13 +116,18 @@ mode_t unix_mode(connection_struct *conn, int dosmode, const char *fname, BOOL c Change a unix mode to a dos mode. ****************************************************************************/ -uint32 dos_mode_from_sbuf(connection_struct *conn, SMB_STRUCT_STAT *sbuf) +uint32 dos_mode_from_sbuf(connection_struct *conn, const char *path, SMB_STRUCT_STAT *sbuf) { int result = 0; - if ((sbuf->st_mode & S_IWUSR) == 0) + if (lp_acl_check_permissions(SNUM(conn))) { + if (!can_write_to_file(conn, path, sbuf)) { + result |= aRONLY; + } + } else if ((sbuf->st_mode & S_IWUSR) == 0) { result |= aRONLY; - + } + if (MAP_ARCHIVE(conn) && ((sbuf->st_mode & S_IXUSR) != 0)) result |= aARCH; @@ -291,7 +296,7 @@ uint32 dos_mode(connection_struct *conn, const char *path,SMB_STRUCT_STAT *sbuf) return result; } - result = dos_mode_from_sbuf(conn, sbuf); + result = dos_mode_from_sbuf(conn, path, sbuf); /* Now do any modifications that depend on the path name. */ /* hide files with a name starting with a . */ @@ -433,9 +438,11 @@ int file_set_dosmode(connection_struct *conn, const char *fname, uint32 dosmode, int file_utime(connection_struct *conn, const char *fname, struct utimbuf *times) { + SMB_STRUCT_STAT sbuf; int ret = -1; errno = 0; + ZERO_STRUCT(sbuf); if(SMB_VFS_UTIME(conn,fname, times) == 0) return 0; @@ -453,7 +460,7 @@ int file_utime(connection_struct *conn, const char *fname, struct utimbuf *times */ /* Check if we have write access. */ - if (can_write_to_file(conn, fname)) { + if (can_write_to_file(conn, fname, &sbuf)) { /* We are allowed to become root and change the filetime. */ become_root(); ret = SMB_VFS_UTIME(conn,fname, times); diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index a37ae5548f..a0f94d616d 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -802,7 +802,7 @@ create_options = 0x%x root_dir_fid = 0x%x\n", flags, desired_access, file_attrib if (desired_access & DELETE_ACCESS) { #else /* Setting FILE_SHARE_DELETE is the hint. */ - if ((share_access & FILE_SHARE_DELETE) && (desired_access & DELETE_ACCESS)) { + if (lp_acl_check_permissions(SNUM(conn)) && (share_access & FILE_SHARE_DELETE) && (desired_access & DELETE_ACCESS)) { #endif status = can_delete(conn, fname, file_attributes, bad_path, True); /* We're only going to fail here if it's access denied, as that's the @@ -1422,7 +1422,7 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o if (desired_access & DELETE_ACCESS) { #else /* Setting FILE_SHARE_DELETE is the hint. */ - if ((share_access & FILE_SHARE_DELETE) && (desired_access & DELETE_ACCESS)) { + if (lp_acl_check_permissions(SNUM(conn)) && (share_access & FILE_SHARE_DELETE) && (desired_access & DELETE_ACCESS)) { #endif status = can_delete(conn, fname, file_attributes, bad_path, True); /* We're only going to fail here if it's access denied, as that's the diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index b31e97c76f..b5052eec25 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4006,9 +4006,8 @@ BOOL can_delete_file_in_directory(connection_struct *conn, const char *fname) this to successfully check for ability to write for dos filetimes. ****************************************************************************/ -BOOL can_write_to_file(connection_struct *conn, const char *fname) +BOOL can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_STAT *psbuf) { - SMB_STRUCT_STAT sbuf; int ret; if (!CAN_WRITE(conn)) { @@ -4020,22 +4019,24 @@ BOOL can_write_to_file(connection_struct *conn, const char *fname) return True; } - /* Get the file permission mask and owners. */ - if(SMB_VFS_STAT(conn, fname, &sbuf) != 0) { - return False; + if (!VALID_STAT(*psbuf)) { + /* Get the file permission mask and owners. */ + if(SMB_VFS_STAT(conn, fname, psbuf) != 0) { + return False; + } } /* Check primary owner write access. */ - if (current_user.uid == sbuf.st_uid) { - return (sbuf.st_mode & S_IWUSR) ? True : False; + if (current_user.uid == psbuf->st_uid) { + return (psbuf->st_mode & S_IWUSR) ? True : False; } /* Check group or explicit user acl entry write access. */ - ret = check_posix_acl_group_write(conn, fname, &sbuf); + ret = check_posix_acl_group_write(conn, fname, psbuf); if (ret == 0 || ret == 1) { return ret ? True : False; } /* Finally check other write access. */ - return (sbuf.st_mode & S_IWOTH) ? True : False; + return (psbuf->st_mode & S_IWOTH) ? True : False; } |