From e722cb25d8b2584a21dc6b4ecbca3b04c4dcb2c1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 2 Sep 2005 12:53:46 +0000 Subject: r9952: Adapt better to the Windows way of taking and assigning ownership: * Users with SeRestorePrivilege may chown files to anyone (be it as a backup software or directly using the ownership-tab in the security acl editor on xp), while * Users with SeTakeOwnershipPrivilege only can chown to themselves. Simo, Jeremy. I think this is correct now. Guenther (This used to be commit 1ef7a192eed457d302a08c692bb54a73a1af4afd) --- source3/smbd/posix_acls.c | 33 ++++++++++++++++++++++----------- 1 file changed, 22 insertions(+), 11 deletions(-) (limited to 'source3/smbd/posix_acls.c') diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 00ec3e0095..f1c9426676 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -2998,7 +2998,8 @@ size_t get_nt_acl(files_struct *fsp, uint32 security_info, SEC_DESC **ppdesc) 1) If we have root privileges, then it will just work. 2) If we have SeTakeOwnershipPrivilege we can change the user to the current user. - 3) If we have write permission to the file and dos_filemodes is set + 3) If we have SeRestorePrivilege we can change the user to any other user. + 4) If we have write permission to the file and dos_filemodes is set then allow chown to the currently authenticated user. ****************************************************************************/ @@ -3007,7 +3008,6 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_ int ret; files_struct *fsp; SMB_STRUCT_STAT st; - SE_PRIV se_take_ownership = SE_TAKE_OWNERSHIP; if(!CAN_WRITE(conn)) { return -1; @@ -3019,17 +3019,28 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_ if (ret == 0) return 0; - /* Case (2). */ - if (lp_enable_privileges() && - (user_has_privileges(current_user.nt_user_token,&se_take_ownership))) { - become_root(); - /* Keep the current file gid the same - take ownership doesn't imply group change. */ - ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1); - unbecome_root(); - return ret; + /* Case (2) / (3) */ + if (lp_enable_privileges()) { + + BOOL has_take_ownership_priv = user_has_privileges(current_user.nt_user_token, + &se_take_ownership); + BOOL has_restore_priv = user_has_privileges(current_user.nt_user_token, + &se_restore); + + /* Case (2) */ + if ( ( has_take_ownership_priv && ( uid == current_user.uid ) ) || + /* Case (3) */ + ( has_restore_priv ) ) { + + become_root(); + /* Keep the current file gid the same - take ownership doesn't imply group change. */ + ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1); + unbecome_root(); + return ret; + } } - /* Case (3). */ + /* Case (4). */ if (!lp_dos_filemode(SNUM(conn))) { return -1; } -- cgit