From e9d360aae9ed73da0382204e47a3545cf0d8572c Mon Sep 17 00:00:00 2001
From: Jeremy Allison
Date: Wed, 2 Mar 2005 03:41:44 +0000
Subject: r5616: Forgot about the sticky bit on directories (commonly set on /tmp). If this is set then only the owner or root can delete a file. We now use the same algorithm to check file delete. Jeremy. (This used to be commit eb18104d10428a5daef2316088edc3dbaff58708)
---
 source3/smbd/posix_acls.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)
(limited to 'source3/smbd/posix_acls.c')
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d02edc5ea0..c5f96db85c 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3903,10 +3903,26 @@ BOOL can_delete_file_in_directory(connection_struct *conn, const char *fname)
 if (current_user.uid == sbuf.st_uid) {
 return (sbuf.st_mode & S_IWUSR) ? True : False;
 }
+
+#ifdef S_ISVTX
+ /* sticky bit means delete only by owner or root. */
+ if (sbuf.st_mode & S_ISVTX) {
+ SMB_STRUCT_STAT sbuf_file;
+ if(SMB_VFS_STAT(conn, fname, &sbuf_file) != 0) {
+ return False;
+ }
+ if (current_user.uid == sbuf_file.st_uid) {
+ return True;
+ }
+ return False;
+ }
+#endif
+
 /* Check group ownership. */
 ret = check_posix_acl_group_write(conn, dname, &sbuf);
 if (ret == 0 || ret == 1) {
 return ret ? True : False;
 }
+
 return (sbuf.st_mode & S_IWOTH) ? True : False;
 }
-- cgit
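Review bot: In the new `S_ISVTX` branch, a caller who owns the file gets `True` without any check that they can write to the directory, because the `return True` skips both `check_posix_acl_group_write()` and the `S_IWOTH` test below it. The sticky bit only narrows who may delete inside a directory they can already write to, so the branch should only reject, e.g. `if (current_user.uid != sbuf_file.st_uid) { return False; }`, and then fall through to the existing group/other checks. Separately, `SMB_VFS_STAT` follows symlinks, so the owner compared is that of the link target rather than of the directory entry being removed; an lstat-based call (`SMB_VFS_LSTAT`, if this tree provides it) would match what the kernel checks. The start of `can_delete_file_in_directory`, where `sbuf` and `dname` are set up, is outside the hunk.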