summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorVolker Lendecke <vl@samba.org>2011-07-05 11:13:07 +0200
committerStefan Metzmacher <metze@samba.org>2011-07-05 16:21:53 +0200
commit4deca5d72804a40e68158a1183f5633dabf24761 (patch)
tree0cc02b34f4c63d2298b43489cc897a468e4dba74 /source3
parent720fa46f9443ccbe471b265f1c2b9cb9782a3c26 (diff)
downloadsamba-4deca5d72804a40e68158a1183f5633dabf24761.tar.gz
samba-4deca5d72804a40e68158a1183f5633dabf24761.tar.bz2
samba-4deca5d72804a40e68158a1183f5633dabf24761.zip
s3: Fix bug 8102
We can't allow open with access that has been denied via the share security descriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/open.c8
1 files changed, 8 insertions, 0 deletions
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 86a5924f16..bbab9f14ef 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -76,6 +76,14 @@ NTSTATUS smbd_check_open_rights(struct connection_struct *conn,
/* Check if we have rights to open. */
NTSTATUS status;
struct security_descriptor *sd = NULL;
+ uint32_t rejected_share_access;
+
+ rejected_share_access = access_mask & ~(conn->share_access);
+
+ if (rejected_share_access) {
+ *access_granted = rejected_share_access;
+ return NT_STATUS_ACCESS_DENIED;
+ }
if ((access_mask & DELETE_ACCESS) && !lp_acl_check_permissions(SNUM(conn))) {
*access_granted = access_mask;