The Samba-Bugzilla – Attachment 1120 Details for
Bug 2239
dos filemode allows changing of ownership but no permission changes
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch to fix problem that "dos filemode" doesn't function correctly
samba-3.0.10-bug-2239.patch (text/plain), 2.25 KB, created by
MORIYAMA Masayuki
on 2005-03-25 01:59:23 UTC
(
hide
)
Description:
patch to fix problem that "dos filemode" doesn't function correctly
Filename:
MIME Type:
Creator:
MORIYAMA Masayuki
Created:
2005-03-25 01:59:23 UTC
Size:
2.25 KB
patch
obsolete
>--- samba-3.0.10/source/smbd/posix_acls.c.orig 2005-03-24 17:07:24.000000000 +0900 >+++ samba-3.0.10/source/smbd/posix_acls.c 2005-03-24 17:07:29.000000000 +0900 >@@ -1218,12 +1218,14 @@ > DOM_SID *pfile_owner_sid, > DOM_SID *pfile_grp_sid, > canon_ace **ppfile_ace, canon_ace **ppdir_ace, >- SEC_ACL *dacl) >+ uint32 security_info_sent, >+ SEC_DESC *psd) > { > extern DOM_SID global_sid_Creator_Owner; > extern DOM_SID global_sid_Creator_Group; > extern DOM_SID global_sid_World; > extern struct generic_mapping file_generic_mapping; >+ SEC_ACL *dacl = psd->dacl; > BOOL all_aces_are_inherit_only = (fsp->is_directory ? True : False); > canon_ace *file_ace = NULL; > canon_ace *dir_ace = NULL; >@@ -1343,7 +1345,17 @@ > * Note what kind of a POSIX ACL this should map to. > */ > >- if( sid_equal(¤t_ace->trustee, &global_sid_World)) { >+ if (security_info_sent & OWNER_SECURITY_INFORMATION >+ && sid_equal(¤t_ace->trustee, psd->owner_sid) >+ && NT_STATUS_IS_OK(sid_to_uid( psd->owner_sid, ¤t_ace->unix_ug.uid))) { >+ current_ace->owner_type = UID_ACE; >+ current_ace->type = SMB_ACL_USER_OBJ; >+ } else if (security_info_sent & GROUP_SECURITY_INFORMATION >+ && sid_equal(¤t_ace->trustee, psd->grp_sid) >+ && NT_STATUS_IS_OK(sid_to_gid( psd->grp_sid, ¤t_ace->unix_ug.gid))) { >+ current_ace->owner_type = GID_ACE; >+ current_ace->type = SMB_ACL_GROUP_OBJ; >+ } else if( sid_equal(¤t_ace->trustee, &global_sid_World)) { > current_ace->owner_type = WORLD_ACE; > current_ace->unix_ug.world = -1; > current_ace->type = SMB_ACL_OTHER; >@@ -1923,7 +1935,7 @@ > */ > > if (!create_canon_ace_lists( fsp, pst, pfile_owner_sid, pfile_grp_sid, >- &file_ace, &dir_ace, psd->dacl)) >+ &file_ace, &dir_ace, security_info_sent, psd)) > return False; > > if ((file_ace == NULL) && (dir_ace == NULL)) { >@@ -2937,12 +2949,6 @@ > if (!fsp) > return -1; > >- /* only allow chown to the current user. This is more secure, >- and also copes with the case where the SID in a take ownership ACL is >- a local SID on the users workstation >- */ >- uid = current_user.uid; >- > become_root(); > /* Keep the current file gid the same. */ > ret = SMB_VFS_FCHOWN(fsp, fsp->fd, uid, (gid_t)-1);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1120">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 2239
: 1120