diff options
-rw-r--r-- | source3/smbd/nttrans.c | 6 | ||||
-rw-r--r-- | source3/smbd/trans2.c | 38 |
2 files changed, 42 insertions, 2 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 855a49b2d5..ad585337b8 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1389,7 +1389,8 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ smb_fname_src, /* fname */ - FILE_READ_DATA, /* access_mask */ + FILE_READ_DATA|FILE_READ_ATTRIBUTES| + FILE_READ_EA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), FILE_OPEN, /* create_disposition*/ @@ -1412,7 +1413,8 @@ static NTSTATUS copy_internals(TALLOC_CTX *ctx, req, /* req */ 0, /* root_dir_fid */ smb_fname_dst, /* fname */ - FILE_WRITE_DATA, /* access_mask */ + FILE_WRITE_DATA|FILE_WRITE_ATTRIBUTES| + FILE_WRITE_EA, /* access_mask */ (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ FILE_SHARE_DELETE), FILE_CREATE, /* create_disposition*/ diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c index 30794e009e..ddae99d7cc 100644 --- a/source3/smbd/trans2.c +++ b/source3/smbd/trans2.c @@ -504,6 +504,10 @@ NTSTATUS set_ea(connection_struct *conn, files_struct *fsp, return NT_STATUS_EAS_NOT_SUPPORTED; } + if (fsp && !(fsp->access_mask & FILE_WRITE_EA)) { + return NT_STATUS_ACCESS_DENIED; + } + /* For now setting EAs on streams isn't supported. */ fname = smb_fname->base_name; @@ -5446,6 +5450,10 @@ NTSTATUS smb_set_file_time(connection_struct *conn, return NT_STATUS_OBJECT_NAME_NOT_FOUND; } + if (fsp && !(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) { + return NT_STATUS_ACCESS_DENIED; + } + /* get some defaults (no modifications) if any info is zero or -1. */ if (null_timespec(ft->create_time)) { action &= ~FILE_NOTIFY_CHANGE_CREATION; @@ -5599,6 +5607,10 @@ static NTSTATUS smb_set_file_size(connection_struct *conn, return NT_STATUS_OBJECT_NAME_NOT_FOUND; } + if (fsp && !(fsp->access_mask & FILE_WRITE_DATA)) { + return NT_STATUS_ACCESS_DENIED; + } + DEBUG(6,("smb_set_file_size: size: %.0f ", (double)size)); if (size == get_file_size_stat(psbuf)) { @@ -5705,6 +5717,11 @@ static NTSTATUS smb_info_set_ea(connection_struct *conn, if (!ea_list) { return NT_STATUS_INVALID_PARAMETER; } + + if (fsp && !(fsp->access_mask & FILE_WRITE_EA)) { + return NT_STATUS_ACCESS_DENIED; + } + status = set_ea(conn, fsp, smb_fname, ea_list); return status; @@ -5747,6 +5764,11 @@ static NTSTATUS smb_set_file_full_ea_info(connection_struct *conn, if (!ea_list) { return NT_STATUS_INVALID_PARAMETER; } + + if (fsp && !(fsp->access_mask & FILE_WRITE_EA)) { + return NT_STATUS_ACCESS_DENIED; + } + status = set_ea(conn, fsp, fsp->fsp_name, ea_list); DEBUG(10, ("smb_set_file_full_ea_info on file %s returned %s\n", @@ -6485,6 +6507,10 @@ static NTSTATUS smb_set_file_basic_info(connection_struct *conn, return NT_STATUS_INVALID_PARAMETER; } + if (fsp && !(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) { + return NT_STATUS_ACCESS_DENIED; + } + /* Set the attributes */ dosmode = IVAL(pdata,32); status = smb_set_file_dosmode(conn, smb_fname, dosmode); @@ -6529,6 +6555,10 @@ static NTSTATUS smb_set_info_standard(connection_struct *conn, return NT_STATUS_INVALID_PARAMETER; } + if (fsp && !(fsp->access_mask & FILE_WRITE_ATTRIBUTES)) { + return NT_STATUS_ACCESS_DENIED; + } + /* create time */ ft.create_time = convert_time_t_to_timespec(srv_make_unix_date2(pdata)); /* access time */ @@ -6587,6 +6617,10 @@ static NTSTATUS smb_set_file_allocation_info(connection_struct *conn, allocation_size = smb_roundup(conn, allocation_size); } + if (fsp && !(fsp->access_mask & FILE_WRITE_DATA)) { + return NT_STATUS_ACCESS_DENIED; + } + DEBUG(10,("smb_set_file_allocation_info: file %s : setting new " "allocation size to %.0f\n", smb_fname_str_dbg(smb_fname), (double)allocation_size)); @@ -6684,6 +6718,10 @@ static NTSTATUS smb_set_file_end_of_file_info(connection_struct *conn, "file %s to %.0f\n", smb_fname_str_dbg(smb_fname), (double)size)); + if (fsp && !(fsp->access_mask & FILE_WRITE_DATA)) { + return NT_STATUS_ACCESS_DENIED; + } + return smb_set_file_size(conn, req, fsp, smb_fname, |