Age | Commit message (Collapse) | Author | Files | Lines | |
---|---|---|---|---|---|
2011-11-22 | Move setting the inherited ACL into the main open code path. Next will | Jeremy Allison | 1 | -1/+110 | |
remove it from the ACL modules. | |||||
2011-11-22 | Move the "set SD" code into provided SD and "inherit acls" branches. | Jeremy Allison | 1 | -29/+32 | |
2011-11-22 | Only add the SD if it's not a new stream file. | Jeremy Allison | 1 | -1/+1 | |
2011-11-22 | Move the add security descriptor code to *after* all the other meta-data is | Jeremy Allison | 1 | -35/+35 | |
updated. We may be adding an SD that restricts our own access. | |||||
2011-11-04 | No longer do the pre-check on DELETE_ACCESS - we're correctly checking the ↵ | Jeremy Allison | 1 | -22/+0 | |
ACL every time now. | |||||
2011-11-04 | Remove can_access_file_acl(). We no longer need this duplicate code (hurrah!). | Jeremy Allison | 1 | -1/+3 | |
2011-11-04 | Remove can_access_file_data() - make it use the standard ↵ | Jeremy Allison | 1 | -2/+2 | |
smbd_check_access_rights() instead. | |||||
2011-11-04 | Add const to the smb_filename argument of smbd_check_access_rights(). | Jeremy Allison | 1 | -2/+2 | |
2011-11-04 | Expose smbd_check_access_rights() to other modules. | Jeremy Allison | 1 | -1/+1 | |
2011-11-04 | Rename smbd_check_open_rights() to smbd_check_access_rights() as we're going ↵ | Jeremy Allison | 1 | -15/+15 | |
to remove the static from this. | |||||
2011-11-04 | Replace smb1_file_se_access_check() with just se_access_check(). | Jeremy Allison | 1 | -30/+21 | |
2011-11-04 | Move root check out of smb1_file_se_access_check() in preparation for ↵ | Jeremy Allison | 1 | -13/+25 | |
deleting this function. | |||||
2011-11-04 | smb1_file_se_access_check() is now static to smbd/open.c | Jeremy Allison | 1 | -1/+1 | |
2011-11-04 | Revert "Change function signature of check_parent_access() to take char * ↵ | Jeremy Allison | 1 | -6/+6 | |
instead of struct smb_filename." This reverts commit a11c0a41a35aa2b1c14333552045a65e3e50df1e. Not needed. | |||||
2011-11-01 | Change function signature of check_parent_access() to take char * instead of ↵ | Jeremy Allison | 1 | -6/+6 | |
struct smb_filename. Expose it so it can be called from directory code. | |||||
2011-10-28 | Remove the order dependency in parent_override_delete(), just check for & ↵ | Jeremy Allison | 1 | -2/+2 | |
not ==. | |||||
2011-10-28 | Remove unused "struct security_descriptor" parameter from check_parent_access() | Jeremy Allison | 1 | -8/+2 | |
2011-10-28 | Finally do all the open checks inside open_file(). Checks inside | Jeremy Allison | 1 | -0/+30 | |
vfs_acl_common can now be removed. | |||||
2011-10-28 | Simplify smbd_check_open_rights() and move all the special casing inside it. | Jeremy Allison | 1 | -101/+72 | |
2011-10-28 | Move parent_override_delete() to before I need to use it. | Jeremy Allison | 1 | -19/+19 | |
2011-10-28 | Make smbd_check_open_rights() static. | Jeremy Allison | 1 | -1/+1 | |
2011-10-26 | Factor out the code checking if a parent should override DELETE_ACCESS into ↵ | Jeremy Allison | 1 | -9/+31 | |
a function. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 26 23:15:05 CEST 2011 on sn-devel-104 | |||||
2011-10-26 | Remove another level of indentation - deal with !NT_STATUS_OK individually. | Jeremy Allison | 1 | -65/+63 | |
2011-10-26 | Add early return on stat open without O_CREAT if file doesn't exist. | Jeremy Allison | 1 | -71/+74 | |
Reduces one level of indentation. | |||||
2011-10-20 | Refactor to create check_parent_access() which can be called for file ↵ | Jeremy Allison | 1 | -23/+64 | |
creation too. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Oct 20 20:29:22 CEST 2011 on sn-devel-104 | |||||
2011-10-20 | Make mkdir_internal() check the parent ACL for SEC_DIR_ADD_SUBDIR rights. | Jeremy Allison | 1 | -2/+33 | |
2011-10-20 | Fix error return to be NT_STATUS_NOT_A_DIRECTORY. | Jeremy Allison | 1 | -2/+2 | |
2011-10-20 | Make use of the "dir_exists" we already have on directory open. | Jeremy Allison | 1 | -8/+28 | |
2011-10-17 | First part of fix for bug #8419 - Make VFS op "streaminfo" stackable. | Frank Lahm | 1 | -3/+3 | |
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Mon Oct 17 21:39:32 CEST 2011 on sn-devel-104 | |||||
2011-10-14 | Add support for VFS op streaminfo chaining in all relevant VFS modules. | Frank Lahm | 1 | -3/+3 | |
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 14 03:26:06 CEST 2011 on sn-devel-104 | |||||
2011-10-05 | Fix bug #8507 - smbd doesn't correctly honor the "force create mode" bits ↵ | Jeremy Allison | 1 | -6/+6 | |
from a cifsfs create. Don't manipulate the new_dos_attributes bits until we know it's not a POSIX open. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 5 01:19:17 CEST 2011 on sn-devel-104 | |||||
2011-08-02 | s3: Pass sconn explicitly to open_was_deferred | Volker Lendecke | 1 | -1/+1 | |
2011-08-02 | s3: Explicitly pass sconn to remove_deferred_open_message_smb | Volker Lendecke | 1 | -1/+1 | |
2011-07-29 | s3: Make map_open_params_to_ntcreate() available in lib/ | Volker Lendecke | 1 | -147/+0 | |
2011-07-29 | s3: Make is_executable() available in lib/ | Volker Lendecke | 1 | -17/+0 | |
2011-07-29 | s3: We only need base_name in map_open_params_to_ntcreate | Volker Lendecke | 1 | -4/+4 | |
2011-07-20 | s3-auth Use struct auth_user_info_unix for unix_name and sanitized_username | Andrew Bartlett | 1 | -1/+1 | |
This is closer to the layout of struct auth_session_info in auth.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org> | |||||
2011-07-11 | s3:smbd: check the share level access mask in smbd_calculate_access_mask() | Stefan Metzmacher | 1 | -0/+17 | |
I think we should reject invalid access early, before we might create new files. Also smbd_check_open_rights() is only called if the file existed. metze | |||||
2011-07-11 | s3:smbd: make smbd_calculate_access_mask() non-static | Stefan Metzmacher | 1 | -14/+15 | |
metze | |||||
2011-07-05 | s3: Fix bug 8102 | Volker Lendecke | 1 | -0/+8 | |
We can't allow open with access that has been denied via the share security descriptor Signed-off-by: Stefan Metzmacher <metze@samba.org> Autobuild-User: Stefan Metzmacher <metze@samba.org> Autobuild-Date: Tue Jul 5 16:21:54 CEST 2011 on sn-devel-104 | |||||
2011-06-24 | Fix bug #8254 - "acl check permissions = no" does not work in all cases | Jeremy Allison | 1 | -2/+11 | |
Move lp_acl_check_permissions() into can_delete_file_in_directory() where it makes sense. Remove ACL check when requesting DELETE_ACCESS when lp_acl_check_permissions is false. Thanks to John Janosik @ IBM for noticing this. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Jun 24 01:18:11 CEST 2011 on sn-devel-104 | |||||
2011-06-09 | s3-talloc Change TALLOC_ARRAY() to talloc_array() | Andrew Bartlett | 1 | -2/+2 | |
Using the standard macro makes it easier to move code into common, as TALLOC_ARRAY isn't standard talloc. | |||||
2011-06-09 | Ensure when creating a directory, if we make any changes due to inheritance ↵ | Jeremy Allison | 1 | -0/+12 | |
parameters, we update the stat returned. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Thu Jun 9 00:46:39 CEST 2011 on sn-devel-104 | |||||
2011-06-08 | Part 4 of bugfix for #8211 - "inherit owner = yes" doesn't interact ↵ | Jeremy Allison | 1 | -3/+2 | |
correctly with "inherit permissions = yes" and POSIX ACLs We don't need to check mode bits as well as dev/ino to ensure we're in the same place. | |||||
2011-06-08 | Part 3 of bugfix for #8211 - "inherit owner = yes" doesn't interact ↵ | Jeremy Allison | 1 | -17/+43 | |
correctly with "inherit permissions = yes" and POSIX ACLs When changing ownership on a new file make sure we must have a valid stat struct before making the inheritance calls (as they may look at it), and if we make changes we must have a valid stat struct after them. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jun 8 03:07:04 CEST 2011 on sn-devel-104 | |||||
2011-06-07 | Part 2 of bugfix for #8211 - "inherit owner = yes" doesn't interact ↵ | Jeremy Allison | 1 | -0/+2 | |
correctly with "inherit permissions = yes" and POSIX ACLs When changing ownership on a new file make sure we also change the returned stat struct to have the correct uid. | |||||
2011-06-07 | Part 1 of bugfix for #8211 - "inherit owner = yes" doesn't interact ↵ | Jeremy Allison | 1 | -0/+2 | |
correctly with "inherit permissions = yes" and POSIX ACLs When changing ownership on a new directory make sure we also change the returned stat struct to have the correct uid. | |||||
2011-06-01 | Move fd_close on error path to be identical to all other error paths. | Jeremy Allison | 1 | -2/+1 | |
Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Jun 1 22:30:03 CEST 2011 on sn-devel-104 | |||||
2011-06-01 | TALLOC_FREE already checks for null. | Jeremy Allison | 1 | -3/+1 | |
2011-06-01 | Fix bug #8175 - smbd deadlock. | Jeremy Allison | 1 | -27/+71 | |
Force the open operation (which is the expensive one anyway) to acquire and release locks in a way compatible with the more common do_lock check. Jeremy. |