diff options
author | Jeremy Allison <jra@samba.org> | 2011-10-26 15:03:28 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2011-10-28 12:16:42 -0700 |
commit | ea195b6cd2152a7f09847dba9c0c2288cc9a862d (patch) | |
tree | 30e3ed9c8cc28a594c7a3bd3a9b648b2857e77d3 /source3 | |
parent | 8a3070a7c9fe3fad35103435c5c74188866057eb (diff) | |
download | samba-ea195b6cd2152a7f09847dba9c0c2288cc9a862d.tar.gz samba-ea195b6cd2152a7f09847dba9c0c2288cc9a862d.tar.bz2 samba-ea195b6cd2152a7f09847dba9c0c2288cc9a862d.zip |
Finally do all the open checks inside open_file(). Checks inside
vfs_acl_common can now be removed.
Diffstat (limited to 'source3')
-rw-r--r-- | source3/smbd/open.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 973a5d2b47..ba14f3d51f 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -613,6 +613,36 @@ static NTSTATUS open_file(files_struct *fsp, return NT_STATUS_OBJECT_NAME_INVALID; } + /* Can we access this file ? */ + if (!fsp->base_fsp) { + /* Only do this check on non-stream open. */ + if (file_existed) { + status = smbd_check_open_rights(conn, + smb_fname, + access_mask); + } else if (local_flags & O_CREAT){ + status = check_parent_access(conn, + smb_fname, + SEC_DIR_ADD_FILE, + NULL, + NULL); + } else { + /* File didn't exist and no O_CREAT. */ + return NT_STATUS_OBJECT_NAME_NOT_FOUND; + } + if (!NT_STATUS_IS_OK(status)) { + DEBUG(10,("open_file: " + "%s on file " + "%s returned %s\n", + file_existed ? + "smbd_check_open_rights" : + "check_parent_access", + smb_fname_str_dbg(smb_fname), + nt_errstr(status) )); + return status; + } + } + /* Actually do the open */ status = fd_open(conn, fsp, local_flags, unx_mode); if (!NT_STATUS_IS_OK(status)) { |