The Samba-Bugzilla – Attachment 7199 Details for
Bug 8663
deleting a symlink fails if the symlink target is outside of the share
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 3.5.next
look (text/plain), 5.31 KB, created by
Jeremy Allison
on 2011-12-16 23:45:12 UTC
(
hide
)
Description:
git-am fix for 3.5.next
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2011-12-16 23:45:12 UTC
Size:
5.31 KB
patch
obsolete
>From 2bff2818cb38d3717abab89fec7aae57e9648075 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Thu, 15 Dec 2011 15:50:23 -0800 >Subject: [PATCH 1/3] First part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share. > >Remove two unneeded check_name() calls. They have already been done >in order to get here. >--- > source3/smbd/open.c | 12 ------------ > 1 files changed, 0 insertions(+), 12 deletions(-) > >diff --git a/source3/smbd/open.c b/source3/smbd/open.c >index 70e6b4f..693e488 100644 >--- a/source3/smbd/open.c >+++ b/source3/smbd/open.c >@@ -1431,11 +1431,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, > remove_deferred_open_smb_message(req->mid); > } > >- status = check_name(conn, smb_fname->base_name); >- if (!NT_STATUS_IS_OK(status)) { >- return status; >- } >- > if (!posix_open) { > new_dos_attributes &= SAMBA_ATTRIBUTES_MASK; > if (file_existed) { >@@ -3308,13 +3303,6 @@ NTSTATUS create_file_default(connection_struct *conn, > } > } > >- /* All file access must go through check_name() */ >- >- status = check_name(conn, smb_fname->base_name); >- if (!NT_STATUS_IS_OK(status)) { >- goto fail; >- } >- > status = create_file_unixpath( > conn, req, smb_fname, access_mask, share_access, > create_disposition, create_options, file_attributes, >-- >1.7.3.1 > > >From 1d17d3bba02ad50ba178395ee6daf81f3f8e2f09 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 16 Dec 2011 11:56:01 -0800 >Subject: [PATCH 2/3] Second part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share. > >Ensure we use UCF_UNIX_NAME_LOOKUP flags on filename_convert() >when doing a restricted set of infolevels in trans2setfilepathinfo(). >--- > source3/smbd/trans2.c | 10 +++++++++- > 1 files changed, 9 insertions(+), 1 deletions(-) > >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index 93fa291..794c138 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c >@@ -7713,6 +7713,7 @@ static void call_trans2setfilepathinfo(connection_struct *conn, > } > } else { > char *fname = NULL; >+ uint32_t ucf_flags = 0; > > /* set path info */ > if (total_params < 7) { >@@ -7729,10 +7730,17 @@ static void call_trans2setfilepathinfo(connection_struct *conn, > return; > } > >+ if (info_level == SMB_SET_FILE_UNIX_BASIC || >+ info_level == SMB_SET_FILE_UNIX_INFO2 || >+ info_level == SMB_FILE_RENAME_INFORMATION || >+ info_level == SMB_POSIX_PATH_UNLINK) { >+ ucf_flags |= UCF_UNIX_NAME_LOOKUP; >+ } >+ > status = filename_convert(req, conn, > req->flags2 & FLAGS2_DFS_PATHNAMES, > fname, >- 0, >+ ucf_flags, > NULL, > &smb_fname); > if (!NT_STATUS_IS_OK(status)) { >-- >1.7.3.1 > > >From cc39cd4079c23e3a7ffd9293306d2bed2d6cf906 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 16 Dec 2011 15:43:21 -0800 >Subject: [PATCH 3/3] Third part of fix for bug #8663 - deleting a symlink fails if the symlink target is outside of the share. > >can_access_file_acl() - we can always delete a symlink. >can_delete_file_in_directory() - We don't need to do another STAT call >here, we know smb_fname->st is in a valid state. >smbd_check_open_rights() - we can always delete a symlink. >--- > source3/smbd/file_access.c | 23 +++++++++++------------ > source3/smbd/open.c | 10 ++++++++++ > 2 files changed, 21 insertions(+), 12 deletions(-) > >diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c >index 8b669fe..69f89b8 100644 >--- a/source3/smbd/file_access.c >+++ b/source3/smbd/file_access.c >@@ -40,6 +40,13 @@ bool can_access_file_acl(struct connection_struct *conn, > return true; > } > >+ if (access_mask == DELETE_ACCESS && >+ VALID_STAT(smb_fname->st) && >+ S_ISLNK(smb_fname->st.st_ex_mode)) { >+ /* We can always delete a symlink. */ >+ return true; >+ } >+ > status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name, > (OWNER_SECURITY_INFORMATION | > GROUP_SECURITY_INFORMATION | >@@ -115,18 +122,10 @@ bool can_delete_file_in_directory(connection_struct *conn, > /* sticky bit means delete only by owner of file or by root or > * by owner of directory. */ > if (smb_fname_parent->st.st_ex_mode & S_ISVTX) { >- if(SMB_VFS_STAT(conn, smb_fname) != 0) { >- if (errno == ENOENT) { >- /* If the file doesn't already exist then >- * yes we'll be able to delete it. */ >- ret = true; >- goto out; >- } >- DEBUG(10,("can_delete_file_in_directory: can't " >- "stat file %s (%s)", >- smb_fname_str_dbg(smb_fname), >- strerror(errno) )); >- ret = false; >+ if (!VALID_STAT(smb_fname->st)) { >+ /* If the file doesn't already exist then >+ * yes we'll be able to delete it. */ >+ ret = true; > goto out; > } > >diff --git a/source3/smbd/open.c b/source3/smbd/open.c >index 693e488..ded07a1 100644 >--- a/source3/smbd/open.c >+++ b/source3/smbd/open.c >@@ -96,6 +96,16 @@ NTSTATUS smbd_check_open_rights(struct connection_struct *conn, > return NT_STATUS_OK; > } > >+ if (access_mask == DELETE_ACCESS && >+ VALID_STAT(smb_fname->st) && >+ S_ISLNK(smb_fname->st.st_ex_mode)) { >+ /* We can always delete a symlink. */ >+ DEBUG(10,("smbd_check_open_rights: not checking ACL " >+ "on DELETE_ACCESS on symlink %s.\n", >+ smb_fname_str_dbg(smb_fname) )); >+ return NT_STATUS_OK; >+ } >+ > status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name, > (OWNER_SECURITY_INFORMATION | > GROUP_SECURITY_INFORMATION | >-- >1.7.3.1 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 8663
:
7194
|
7197
| 7199 |
7200