Age | Commit message (Collapse) | Author | Files | Lines |
|
Jeremy
|
|
delete file
This fixes the generic rename/delete problem for 3.3.0 and above.
Fixed slightly differently to discussions, user viewable modified
ACLs are not a good idea :-).
Jeremy.
|
|
|
|
calculation of SEC_FLAG_MAXIMUM_ALLOWED much easier
for files.
Jeremy.
|
|
No functional change, this is a preparation for more current_user ref removal
(This used to be commit dcaedf345e62ab74ea87f0a3fa1e3199c75c5445)
|
|
With at least NFSv4 ACLs around the write permission for the owner is a bogus
check if we can delete a file in a directory. Like in Windows, there are two
ways which can grant us such: First, the DELETE permission on the file itself,
or if that does not help, the DELETE_CHILD permission on the directory. It
might be a bit more code that runs, but essentially we should end up with the
same set of syscalls in the non-acl case.
(This used to be commit daa9b056645a45edfb3a70e3536011ebe5678970)
|
|
Michael
(This used to be commit 7d5fb873bde0a84de522650945effeaf602c759e)
|
|
This is a security descriptor level function only.
Michael
(This used to be commit 5931540fa1681f026fed42df387d17e43c493c47)
|
|
conn holds the current user info
(This used to be commit 093bc5f2b33ebf90e04bc17e51b1695b1b932bf2)
|
|
being (correctly) used in the can_read/can_write checks for hide unreadable/unwritable
and this is more properly done using the functions in smbd/file_access.c.
Preparing to do NT access checks on all file access.
Jeremy.
(This used to be commit 6bfb06ad95963ae2acb67c4694a98282d3b29faa)
|
|
there as it no longer uses explicit POSIX ACL calls.
Jeremy.
(This used to be commit ac1eac9b0d07b7b3d341c06ef1a8fd8f3c05a618)
|
|
Up to now, get_nt_acl() took a files_struct pointer (fsp) and
a file name. All the underlying functions should need and now
do need (after the previous preparatory work), is a connection_struct
and a file name. The connection_struct is already there in the
vfs_handle passed to the vfs functions. So the files_struct
argument can be eliminated.
This eliminates the need of calling open_file_stat in a couple
of places to produce the fsp needed.
Michael
(This used to be commit b5f600fab53c9d159a958c59795db3ba4a8acc63)
|
|
Calling can_access_file could lead to orphaned open files
when SMB_VFS_GET_NT_ACL returned ENOSYS (not implemented).
Michael
(This used to be commit f4f700cf0c1657c36e801fab20fe7b1a4efcb714)
|
|
(This used to be commit dcbe1bf942d017a3cd5084c6ef605a13912f795b)
|
|
Do directory vs file open before entering open_file_stat
(This used to be commit cd62122916defbfb57468c3b82a60b766fc4652e)
|
|
to a new source file of their own.
Michael
(This used to be commit 9dd18bb534bca6b5de6cad9580b48681b36c0832)
|