1 files changed, 13 insertions, 2 deletions

diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index a248dd9f3b..9c77f9e961 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -89,7 +89,8 @@ bool can_delete_file_in_directory(connection_struct *conn, const char *fname)
 	}
 
 #ifdef S_ISVTX
-	/* sticky bit means delete only by owner or root. */
+	/* sticky bit means delete only by owner of file or by root or
+	 * by owner of directory. */
 	if (sbuf.st_ex_mode & S_ISVTX) {
 		SMB_STRUCT_STAT sbuf_file;
 		if(SMB_VFS_STAT(conn, fname, &sbuf_file) != 0) {
@@ -98,14 +99,24 @@ bool can_delete_file_in_directory(connection_struct *conn, const char *fname)
 				 * yes we'll be able to delete it. */
 				return True;
 			}
+			DEBUG(10,("can_delete_file_in_directory: can't "
+				"stat file %s (%s)",
+				fname, strerror(errno) ));
 			return False;
 		}
 		/*
 		 * Patch from SATOH Fumiyasu <fumiyas@miraclelinux.com>
 		 * for bug #3348. Don't assume owning sticky bit
 		 * directory means write access allowed.
+		 * Fail to delete if we're not the owner of the file,
+		 * or the owner of the directory as we have no possible
+		 * chance of deleting. Otherwise, go on and check the ACL.
 		 */
-		if (conn->server_info->utok.uid != sbuf_file.st_ex_uid) {
+		if ((conn->server_info->utok.uid != sbuf.st_ex_uid) &&
+				(conn->server_info->utok.uid != sbuf_file.st_ex_uid)) {
+			DEBUG(10,("can_delete_file_in_directory: not "
+				"owner of file %s or directory %s",
+				fname, dname));
 			return False;
 		}
 	}