From a763edaf9c76afe2546c035fc090370301dd347b Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 31 Oct 2011 12:38:20 -0700 Subject: Call check_parent_access() on readdir. --- source3/smbd/dir.c | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'source3') diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index cc74886810..18c5935fdb 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -427,6 +427,7 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp, struct smbd_server_connection *sconn = conn->sconn; struct dptr_struct *dptr = NULL; struct smb_Dir *dir_hnd; + NTSTATUS status; if (fsp && fsp->is_directory && fsp->fh->fd != -1) { path = fsp->fsp_name->base_name; @@ -443,6 +444,18 @@ NTSTATUS dptr_create(connection_struct *conn, files_struct *fsp, return NT_STATUS_INVALID_PARAMETER; } + status = check_parent_access(conn, + path, + SEC_DIR_LIST, + NULL); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(5,("dptr_create: parent access check for path " + "%s failed with %s\n", + path, + nt_errstr(status))); + return status; + } + if (fsp) { dir_hnd = OpenDir_fsp(NULL, conn, fsp, wcard, attr); } else { -- cgit