The branch, v3-5-test has been updated
       via  14a3111 s3:util_seaccess: make sure that we don't grant 
SEC_STD_DELETE to the owner by default
       via  295271c s3:smbd: access checks should not depend on share mode flags
      from  e47dd1e Fix inode generation so nautilus can count total dir size 
correctly

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test


- Log -----------------------------------------------------------------
commit 14a31111961278db99564d4d694f10ed66ff91bd
Author: Stefan Metzmacher <[email protected]>
Date:   Mon Mar 21 14:15:32 2011 +0100

    s3:util_seaccess: make sure that we don't grant SEC_STD_DELETE to the owner 
by default
    
    In the file server SEC_STD_DELETE is granted on the file/directory
    or by FILE_DELETE_CHILD on the parent directory.
    
    metze
    (similar to commit c7d10179108a3ae8af15c838042294f3fdced03c)
    
    The last 2 patches address bug #8034 (SEC_STD_DELETE is always granted to the
    owner of a file).

commit 295271ca3d4346e130363ba227ff66b08368d957
Author: Stefan Metzmacher <[email protected]>
Date:   Fri Mar 18 16:45:08 2011 +0100

    s3:smbd: access checks should not depend on share mode flags
    
    metze
    (cherry picked from commit f0ec69b53544b7ff702f94d58b3d64c33eaabc7a)
    (cherry picked from commit dca75c8e3ac23256d93269bdc13d1e67571bc9f2)

-----------------------------------------------------------------------

Summary of changes:
 source3/lib/util_seaccess.c |   24 +++++++++++-------------
 source3/smbd/open.c         |    1 -
 2 files changed, 11 insertions(+), 14 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 369f684..058bf32 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -112,9 +112,7 @@ static uint32_t access_check_max_allowed(const struct 
security_descriptor *sd,
        unsigned i;
 
        if (is_sid_in_token(token, sd->owner_sid)) {
-               granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | 
SEC_STD_DELETE;
-       } else if (user_has_privileges(token, &se_restore)) {
-               granted |= SEC_STD_DELETE;
+               granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
        }
 
        if (sd->dacl == NULL) {
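Review bot: Removing the `else if (user_has_privileges(token, &se_restore))` branch also takes SEC_STD_DELETE out of the maximum-allowed mask for restore-privilege holders, which the commit message (about the owner only) does not mention. The later hunk in se_access_check still clears SEC_STD_DELETE from `bits_remaining` for se_restore when the bit is requested explicitly, so the two paths can now disagree: an explicit DELETE request passes on privilege, while a SEC_FLAG_MAXIMUM_ALLOWED-only request reports DELETE only if the DACL grants it. If that is intended, record it here with a comment such as `/* privileges are not folded into the maximum-allowed mask; se_access_check applies them to explicitly requested bits */`. The rest of access_check_max_allowed is outside the hunk, so this is inferred from the visible lines only.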
@@ -171,7 +169,7 @@ NTSTATUS se_access_check(const struct security_descriptor 
*sd,
                access_desired |= access_check_max_allowed(sd, token);
                access_desired &= ~SEC_FLAG_MAXIMUM_ALLOWED;
                *access_granted = access_desired;
-               bits_remaining = access_desired & ~SEC_STD_DELETE;
+               bits_remaining = access_desired;
 
                DEBUG(10,("se_access_check: MAX desired = 0x%x, granted = 0x%x, 
remaining = 0x%x\n",
                        orig_access_desired,
@@ -187,22 +185,22 @@ NTSTATUS se_access_check(const struct security_descriptor 
*sd,
                }
        }
 
-       /* a NULL dacl allows access */
-       if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
-               *access_granted = access_desired;
-               return NT_STATUS_OK;
-       }
-
-       /* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and 
SEC_STD_DELETE */
-       if ((bits_remaining & 
(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) &&
+       /* the owner always gets SEC_STD_WRITE_DAC and SEC_STD_READ_CONTROL */
+       if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
            is_sid_in_token(token, sd->owner_sid)) {
-               bits_remaining &= 
~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE);
+               bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
        }
        if ((bits_remaining & SEC_STD_DELETE) &&
            user_has_privileges(token, &se_restore)) {
                bits_remaining &= ~SEC_STD_DELETE;
        }
 
+       /* a NULL dacl allows access */
+       if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
+               *access_granted = access_desired;
+               return NT_STATUS_OK;
+       }
+
        if (sd->dacl == NULL) {
                goto done;
        }
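Review bot: The relocated NULL-DACL block still returns NT_STATUS_OK with `*access_granted = access_desired`, so a descriptor with SEC_DESC_DACL_PRESENT and `sd->dacl == NULL` grants every requested bit, SEC_STD_DELETE included, and the tightened owner rule just above has no effect on it. Moving the block below the owner and se_restore tests does not change that result, since those tests only modify `bits_remaining`, which this branch never reads. The comment should say so explicitly, for example `/* DACL present but NULL: all requested access is granted, including SEC_STD_DELETE */`. The following `if (sd->dacl == NULL) goto done;` covers the DACL-not-present case and deserves its own one-line comment; the `done` label is outside the hunk, so what it does with the remaining bits cannot be confirmed from here.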
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index bd748f9..0d585cf 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2944,7 +2944,6 @@ static NTSTATUS create_file_unixpath(connection_struct 
*conn,
 
        if (lp_acl_check_permissions(SNUM(conn))
            && (create_disposition != FILE_CREATE)
-           && (share_access & FILE_SHARE_DELETE)
            && (access_mask & DELETE_ACCESS)
            && (!(can_delete_file_in_directory(conn, smb_fname) ||
                 can_access_file_acl(conn, smb_fname, DELETE_ACCESS)))) {
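Review bot: With the `share_access & FILE_SHARE_DELETE` term removed, this condition triggers the delete-permission check on `access_mask & DELETE_ACCESS` alone, but nothing next to it says that share mode is deliberately not consulted. A short comment above the `if`, such as `/* DELETE_ACCESS is checked against the ACL regardless of the requested share mode */`, would help keep the share-mode term from being reintroduced. It may also be worth confirming that a request carrying only a maximum-allowed flag has had DELETE_ACCESS expanded into `access_mask` before this point; the hunk does not show it. The body of this `if` and the rest of create_file_unixpath are outside the hunk.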


-- 
Samba Shared Repository
