author | Andrew Tridgell <tridge@samba.org> | 2009-08-05 17:51:21 +1000 |
---|---|---|
committer | Andrew Tridgell <tridge@samba.org> | 2009-08-05 17:51:58 +1000 |
commit | 00a8ff5fe9acf965395b99b39b0c24a5517b6e2b (patch) | |
tree | f544527da4c973658174926191ef630d79208e58 /source4/ntvfs/posix/pvfs_acl.c | |
parent | 0a16265bc21e6f1f8cef4f38b7b45f3fd356527c (diff) | |
fixed a problem with group policy writes causing policy corruption
This bug was caused by two things:
1) in the unix ACL mapping, we were not taking into account group
write permissions for the SEC_STD_DELETE flag
2) when a file is created using OVERWRITE mode, a fchmod() would
fail if the user is not the file owner. We resolve that by only
doing the fchmod() if the mapped file attribute does not match the
desired file attribute
Diffstat (limited to 'source4/ntvfs/posix/pvfs_acl.c')
-rw-r--r-- | source4/ntvfs/posix/pvfs_acl.c | 37 |
1 files changed, 37 insertions, 0 deletions
diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c index 203b6b11c0..ad7ac5a749 100644 --- a/source4/ntvfs/posix/pvfs_acl.c +++ b/source4/ntvfs/posix/pvfs_acl.c @@ -449,6 +449,35 @@ static bool pvfs_read_only(struct pvfs_state *pvfs, uint32_t access_mask) } /* + see if we are a member of the appropriate unix group + */ +static bool pvfs_group_member(struct pvfs_state *pvfs, gid_t gid) +{ + int i, ngroups; + gid_t *groups; + if (getegid() == gid) { + return true; + } + ngroups = getgroups(0, NULL); + if (ngroups == 0) { + return false; + } + groups = talloc_array(pvfs, gid_t, ngroups); + if (groups == NULL) { + return false; + } + if (getgroups(ngroups, groups) != ngroups) { + talloc_free(groups); + return false; + } + for (i=0; i<ngroups; i++) { + if (groups[i] == gid) break; + } + talloc_free(groups); + return i < ngroups; +} + +/* default access check function based on unix permissions doing this saves on building a full security descriptor for the common case of access check on files with no @@ -473,6 +502,12 @@ NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, max_bits |= SEC_STD_ALL; } + if ((name->st.st_mode & S_IWOTH) || + ((name->st.st_mode & S_IWGRP) && + pvfs_group_member(pvfs, name->st.st_gid))) { + max_bits |= SEC_STD_ALL; + } + if (uwrap_enabled()) { /* when running with the uid wrapper, files will be created owned by the ruid, but we may have a different simulated @@ -491,6 +526,8 @@ NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, } if (*access_mask & ~max_bits) { + DEBUG(0,(__location__ " denied access to '%s' - wanted 0x%08x but got 0x%08x (missing 0x%08x)\n", + name->full_name, *access_mask, max_bits, *access_mask & ~max_bits)); return NT_STATUS_ACCESS_DENIED; } |
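Review bot: In `pvfs_group_member`, a failing `getgroups(0, NULL)` returns -1, which passes the `ngroups == 0` test and is then handed to `talloc_array` as the element count. The guard should be `if (ngroups <= 0) { return false; }` so the error path denies explicitly instead of depending on the allocation failing. The result also describes the process's effective and supplementary groups, so it is only meaningful if the server has already assumed the connected user's unix identity when this runs; that is presumably done elsewhere and deserves a comment above the function, e.g. `/* assumes the caller is running with the client's unix credentials */`.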
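Review bot: The new group/other-write branch in `pvfs_access_check_unix` sets `max_bits |= SEC_STD_ALL`, which grants more than the `SEC_STD_DELETE` bit the commit message says was missing. `SEC_STD_ALL` also carries the write-DAC and write-owner rights, and unix group or other write permission on a file does not let a non-owner chmod or chown it, so the access check would approve requests the filesystem later refuses. Unless the wider grant is intentional, narrow it to `max_bits |= SEC_STD_DELETE;`. On POSIX, deletion is governed by write permission on the parent directory rather than the file's own mode bits, so a short comment saying this is an approximation would help. The function body starts and ends outside this hunk.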
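Review bot: The denial message before `return NT_STATUS_ACCESS_DENIED` is logged with `DEBUG(0, ...)`, so it is always written, even though an access denial is a routine outcome that any connected client can trigger repeatedly. It also prints `name->full_name`, which is likely client-influenced, so the log can be flooded or polluted with client-chosen strings. A diagnostic level fits better, for example `DEBUG(5,(__location__ " denied access to '%s' ...` with the arguments unchanged, leaving level 0 for server faults.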