diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-10-30 05:53:56 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:05:04 -0500 |
commit | d93636c29e4e0930e91c53b367145a0c88db7de1 (patch) | |
tree | c10306bb09b4484778e03f76a32e29ee2bb493bb /source4/ntvfs | |
parent | cb1cff90f165d82cbbf1dd87e475a1b13984d45e (diff) | |
download | samba-d93636c29e4e0930e91c53b367145a0c88db7de1.tar.gz samba-d93636c29e4e0930e91c53b367145a0c88db7de1.tar.bz2 samba-d93636c29e4e0930e91c53b367145a0c88db7de1.zip |
r3387: fixed pvfs to pass the NTDENY tests. The tricky bit was
SA_RIGHT_FILE_EXECUTE, which depends on a flags2 bit
(This used to be commit c36851d230bcf552ed79322f8358060ab164ec09)
Diffstat (limited to 'source4/ntvfs')
-rw-r--r-- | source4/ntvfs/common/opendb.c | 12 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_open.c | 8 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_read.c | 9 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_write.c | 2 |
4 files changed, 20 insertions, 11 deletions
diff --git a/source4/ntvfs/common/opendb.c b/source4/ntvfs/common/opendb.c index dfb1177eae..5dc68e5382 100644 --- a/source4/ntvfs/common/opendb.c +++ b/source4/ntvfs/common/opendb.c @@ -154,20 +154,24 @@ static BOOL share_conflict(struct odb_entry *e1, struct odb_entry *e2) /* if either open involves no read.write or delete access then it can't conflict */ - if (!(e1->access_mask & (SA_RIGHT_FILE_WRITE_DATA | + if (!(e1->access_mask & (SA_RIGHT_FILE_WRITE_APPEND | SA_RIGHT_FILE_READ_EXEC | STD_RIGHT_DELETE_ACCESS))) { return False; } - if (!(e2->access_mask & (SA_RIGHT_FILE_WRITE_DATA | + if (!(e2->access_mask & (SA_RIGHT_FILE_WRITE_APPEND | SA_RIGHT_FILE_READ_EXEC | STD_RIGHT_DELETE_ACCESS))) { return False; } /* check the basic share access */ - CHECK_MASK(e1->access_mask, e2->share_access, SA_RIGHT_FILE_WRITE_DATA, NTCREATEX_SHARE_ACCESS_WRITE); - CHECK_MASK(e2->access_mask, e1->share_access, SA_RIGHT_FILE_WRITE_DATA, NTCREATEX_SHARE_ACCESS_WRITE); + CHECK_MASK(e1->access_mask, e2->share_access, + SA_RIGHT_FILE_WRITE_APPEND, + NTCREATEX_SHARE_ACCESS_WRITE); + CHECK_MASK(e2->access_mask, e1->share_access, + SA_RIGHT_FILE_WRITE_APPEND, + NTCREATEX_SHARE_ACCESS_WRITE); CHECK_MASK(e1->access_mask, e2->share_access, SA_RIGHT_FILE_READ_EXEC, diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c index 346b1420e3..bfaa7bf5a1 100644 --- a/source4/ntvfs/posix/pvfs_open.c +++ b/source4/ntvfs/posix/pvfs_open.c @@ -290,9 +290,9 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs, } if ((access_mask & SA_RIGHT_FILE_READ_EXEC) && - (access_mask & SA_RIGHT_FILE_WRITE_DATA)) { + (access_mask & SA_RIGHT_FILE_WRITE_APPEND)) { flags = O_RDWR; - } else if (access_mask & SA_RIGHT_FILE_WRITE_DATA) { + } else if (access_mask & SA_RIGHT_FILE_WRITE_APPEND) { flags = O_WRONLY; } else { flags = O_RDONLY; @@ -491,9 +491,9 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs, } if ((access_mask & SA_RIGHT_FILE_READ_EXEC) && - (access_mask & SA_RIGHT_FILE_WRITE_DATA)) { + (access_mask & SA_RIGHT_FILE_WRITE_APPEND)) { flags |= O_RDWR; - } else if (access_mask & SA_RIGHT_FILE_WRITE_DATA) { + } else if (access_mask & SA_RIGHT_FILE_WRITE_APPEND) { flags |= O_WRONLY; } else { flags |= O_RDONLY; diff --git a/source4/ntvfs/posix/pvfs_read.c b/source4/ntvfs/posix/pvfs_read.c index 734134368d..1f89f01a03 100644 --- a/source4/ntvfs/posix/pvfs_read.c +++ b/source4/ntvfs/posix/pvfs_read.c @@ -34,6 +34,7 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs, struct pvfs_file *f; NTSTATUS status; uint32_t maxcnt; + uint32_t mask; if (rd->generic.level != RAW_READ_READX) { return ntvfs_map_read(req, rd, ntvfs); @@ -48,8 +49,12 @@ NTSTATUS pvfs_read(struct ntvfs_module_context *ntvfs, return NT_STATUS_FILE_IS_A_DIRECTORY; } - if (!(f->access_mask & SA_RIGHT_FILE_READ_EXEC)) { - return NT_STATUS_ACCESS_VIOLATION; + mask = SA_RIGHT_FILE_READ_DATA; + if (req->flags2 & FLAGS2_READ_PERMIT_EXECUTE) { + mask |= SA_RIGHT_FILE_EXECUTE; + } + if (!(f->access_mask & mask)) { + return NT_STATUS_ACCESS_DENIED; } maxcnt = rd->readx.in.maxcnt; diff --git a/source4/ntvfs/posix/pvfs_write.c b/source4/ntvfs/posix/pvfs_write.c index 235a21882a..018f43e6d0 100644 --- a/source4/ntvfs/posix/pvfs_write.c +++ b/source4/ntvfs/posix/pvfs_write.c @@ -48,7 +48,7 @@ NTSTATUS pvfs_write(struct ntvfs_module_context *ntvfs, return NT_STATUS_FILE_IS_A_DIRECTORY; } - if (!(f->access_mask & SA_RIGHT_FILE_WRITE_DATA)) { + if (!(f->access_mask & SA_RIGHT_FILE_WRITE_APPEND)) { return NT_STATUS_ACCESS_VIOLATION; } |