summaryrefslogtreecommitdiff
path: root/source4/ntvfs/posix/pvfs_open.c
diff options
context:
space:
mode:
Diffstat (limited to 'source4/ntvfs/posix/pvfs_open.c')
-rw-r--r--source4/ntvfs/posix/pvfs_open.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/source4/ntvfs/posix/pvfs_open.c b/source4/ntvfs/posix/pvfs_open.c
index ac2742d357..badd18d370 100644
--- a/source4/ntvfs/posix/pvfs_open.c
+++ b/source4/ntvfs/posix/pvfs_open.c
@@ -283,6 +283,10 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
return NT_STATUS_CANNOT_DELETE;
}
+ if (access_mask & SEC_RIGHT_MAXIMUM_ALLOWED) {
+ access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE;
+ }
+
flags = O_RDWR;
f = talloc_p(req, struct pvfs_file);
@@ -355,7 +359,7 @@ static NTSTATUS pvfs_create_file(struct pvfs_state *pvfs,
f->lock_count = 0;
f->create_options = io->generic.in.create_options;
f->share_access = io->generic.in.share_access;
- f->access_mask = io->generic.in.access_mask;
+ f->access_mask = access_mask;
f->seek_offset = 0;
f->position = 0;
@@ -429,6 +433,14 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
share_access = io->generic.in.share_access;
access_mask = io->generic.in.access_mask;
+ if (access_mask & SEC_RIGHT_MAXIMUM_ALLOWED) {
+ if (name->dos.attrib & FILE_ATTRIBUTE_READONLY) {
+ access_mask = GENERIC_RIGHTS_FILE_READ;
+ } else {
+ access_mask = GENERIC_RIGHTS_FILE_READ | GENERIC_RIGHTS_FILE_WRITE;
+ }
+ }
+
/* certain create options are not allowed */
if ((create_options & NTCREATEX_OPTIONS_DELETE_ON_CLOSE) &&
!(access_mask & STD_RIGHT_DELETE_ACCESS)) {
@@ -551,7 +563,7 @@ NTSTATUS pvfs_open(struct ntvfs_module_context *ntvfs,
f->lock_count = 0;
f->create_options = io->generic.in.create_options;
f->share_access = io->generic.in.share_access;
- f->access_mask = io->generic.in.access_mask;
+ f->access_mask = access_mask;
f->seek_offset = 0;
f->position = 0;