The Samba-Bugzilla – Attachment 8169 Details for
Bug 9236
ACL masks incorrectly applied when setting ACLs.
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
git-am fix for 3.6.x
0001-Another-fix-needed-for-bug-9236-ACL-masks-incorrectl.patch (text/plain), 1.86 KB, created by
Jeremy Allison
on 2012-11-09 00:45:17 UTC
(
hide
)
Description:
git-am fix for 3.6.x
Filename:
MIME Type:
Creator:
Jeremy Allison
Created:
2012-11-09 00:45:17 UTC
Size:
1.86 KB
patch
obsolete
>From e19ed3277d5d20a2bee2230ca2f1a67545eb9502 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Thu, 8 Nov 2012 13:45:19 -0800 >Subject: [PATCH] Another fix needed for bug #9236 - ACL masks incorrectly > applied when setting ACLs. > >Not caught by make test as it's an extreme edge case for strange >incoming ACLs. I only found this as I'm making raw.acls and smb2.acls >pass against 3.6.x with acl_xattr mapped onto a POSIX backend (which >isn't tested in make test). > >An incoming inheritable ACE entry containing only one permission, >WRITE_DATA maps into a POSIX owner perm of "-w-", which violates >the principle that the owner of a file/directory can always read. >--- > source3/smbd/posix_acls.c | 14 ++++++++++---- > 1 files changed, 10 insertions(+), 4 deletions(-) > >diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c >index 22ad40f..8d6e7ec 100644 >--- a/source3/smbd/posix_acls.c >+++ b/source3/smbd/posix_acls.c >@@ -1372,7 +1372,11 @@ static bool ensure_canon_entry_valid(connection_struct *conn, > for (pace = *pp_ace; pace; pace = pace->next) { > if (pace->type == SMB_ACL_USER_OBJ) { > >- if (setting_acl && !is_default_acl) { >+ if (setting_acl) { >+ /* >+ * Ensure we have default parameters for the >+ * user (owner) even on default ACLs. >+ */ > apply_default_perms(params, is_directory, pace, S_IRUSR); > } > got_user = True; >@@ -1452,9 +1456,11 @@ static bool ensure_canon_entry_valid(connection_struct *conn, > pace->perms = pace_other->perms; > } > >- if (!is_default_acl) { >- apply_default_perms(params, is_directory, pace, S_IRUSR); >- } >+ /* >+ * Ensure we have default parameters for the >+ * user (owner) even on default ACLs. >+ */ >+ apply_default_perms(params, is_directory, pace, S_IRUSR); > } else { > pace->perms = unix_perms_to_acl_perms(pst->st_ex_mode, S_IRUSR, S_IWUSR, S_IXUSR); > } >-- >1.7.7.3 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
jra
:
review?
(
rsharpe
)
asn
:
review+
Actions:
View
Attachments on
bug 9236
:
7980
|
7981
| 8169 |
8170
|
8171