From 807b64ffcaac4c57dd36cbac979006e335243032 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 17 May 2021 15:34:55 -0700 Subject: [PATCH] s3: smbd: Ensure POSIX default ACL is mapped into returned Windows ACL for directory handles. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14708 Signed-off-by: Jeremy Allison --- source3/smbd/posix_acls.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 0cc19182b91..c1b15d20da5 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3426,6 +3426,7 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, { SMB_STRUCT_STAT sbuf; SMB_ACL_T posix_acl = NULL; + SMB_ACL_T def_acl = NULL; struct pai_val *pal; TALLOC_CTX *frame = talloc_stackframe(); NTSTATUS status; @@ -3444,10 +3445,19 @@ NTSTATUS posix_fget_nt_acl(struct files_struct *fsp, uint32_t security_info, /* Get the ACL from the fd. */ posix_acl = SMB_VFS_SYS_ACL_GET_FD(fsp, frame); + /* If it's a directory get the default POSIX ACL. */ + if(fsp->fsp_flags.is_directory) { + def_acl = SMB_VFS_SYS_ACL_GET_FILE(fsp->conn, + fsp->fsp_name, + SMB_ACL_TYPE_DEFAULT, + frame); + def_acl = free_empty_sys_acl(fsp->conn, def_acl); + } + pal = fload_inherited_info(fsp); status = posix_get_nt_acl_common(fsp->conn, fsp->fsp_name->base_name, - &sbuf, pal, posix_acl, NULL, + &sbuf, pal, posix_acl, def_acl, security_info, mem_ctx, ppdesc); TALLOC_FREE(frame); return status; -- 2.27.0