From 19a125d7bc1de42d207ad6ba01606482ae618e2d Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Apr 2014 16:30:38 -0700 Subject: [PATCH 1/2] s3: smbd - Remove use of open_file_fchmod(). Causes lock violation issues. https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison --- source3/smbd/dosmode.c | 29 ++++------------------------- 1 file changed, 4 insertions(+), 25 deletions(-) diff --git a/source3/smbd/dosmode.c b/source3/smbd/dosmode.c index 2d07dd9..e95fe05 100644 --- a/source3/smbd/dosmode.c +++ b/source3/smbd/dosmode.c @@ -387,7 +387,6 @@ static bool set_ea_dos_attribute(connection_struct *conn, SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length, 0) == -1) { bool ret = false; - files_struct *fsp = NULL; if((errno != EPERM) && (errno != EACCES)) { if (errno == ENOSYS @@ -417,23 +416,13 @@ static bool set_ea_dos_attribute(connection_struct *conn, return false; } - /* - * We need to open the file with write access whilst - * still in our current user context. This ensures we - * are not violating security in doing the setxattr. - */ - - if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname, - &fsp))) - return false; become_root(); - if (SMB_VFS_FSETXATTR(fsp, - SAMBA_XATTR_DOS_ATTRIB, blob.data, - blob.length, 0) == 0) { + if (SMB_VFS_SETXATTR(conn, smb_fname->base_name, + SAMBA_XATTR_DOS_ATTRIB, blob.data, blob.length, + 0) == 0) { ret = true; } unbecome_root(); - close_file(NULL, fsp, NORMAL_CLOSE); return ret; } DEBUG(10,("set_ea_dos_attribute: set EA 0x%x on file %s\n", @@ -710,7 +699,6 @@ int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname, int ret = -1, lret = -1; uint32_t old_mode; struct timespec new_create_timespec; - files_struct *fsp = NULL; if (!CAN_WRITE(conn)) { errno = EROFS; @@ -878,18 +866,9 @@ int file_set_dosmode(connection_struct *conn, struct smb_filename *smb_fname, return -1; } - /* - * We need to open the file with write access whilst - * still in our current user context. This ensures we - * are not violating security in doing the fchmod. - */ - if (!NT_STATUS_IS_OK(open_file_fchmod(conn, smb_fname, - &fsp))) - return -1; become_root(); - ret = SMB_VFS_FCHMOD(fsp, unixmode); + ret = SMB_VFS_CHMOD(conn, smb_fname->base_name, unixmode); unbecome_root(); - close_file(NULL, fsp, NORMAL_CLOSE); if (!newfile) { notify_fname(conn, NOTIFY_ACTION_MODIFIED, FILE_NOTIFY_CHANGE_ATTRIBUTES, -- 1.9.1.423.g4596e3a From 028cec9d11a568d7a0ddd4a0c2ffd14d3bcea30e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 25 Apr 2014 16:37:40 -0700 Subject: [PATCH 2/2] s3: smbd - remove open_file_fchmod(), no longer used. https://bugzilla.samba.org/show_bug.cgi?id=10564 Signed-off-by: Jeremy Allison --- source3/smbd/open.c | 33 --------------------------------- source3/smbd/proto.h | 3 --- 2 files changed, 36 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 6e4f690..3cc2545 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -2830,39 +2830,6 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn, return NT_STATUS_OK; } - -/**************************************************************************** - Open a file for for write to ensure that we can fchmod it. -****************************************************************************/ - -NTSTATUS open_file_fchmod(connection_struct *conn, - struct smb_filename *smb_fname, - files_struct **result) -{ - if (!VALID_STAT(smb_fname->st)) { - return NT_STATUS_INVALID_PARAMETER; - } - - return SMB_VFS_CREATE_FILE( - conn, /* conn */ - NULL, /* req */ - 0, /* root_dir_fid */ - smb_fname, /* fname */ - FILE_WRITE_DATA, /* access_mask */ - (FILE_SHARE_READ | FILE_SHARE_WRITE | /* share_access */ - FILE_SHARE_DELETE), - FILE_OPEN, /* create_disposition*/ - 0, /* create_options */ - 0, /* file_attributes */ - INTERNAL_OPEN_ONLY, /* oplock_request */ - 0, /* allocation_size */ - 0, /* private_flags */ - NULL, /* sd */ - NULL, /* ea_list */ - result, /* result */ - NULL); /* pinfo */ -} - static NTSTATUS mkdir_internal(connection_struct *conn, struct smb_filename *smb_dname, uint32 file_attributes) diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h index 1e0d06d..6153a49 100644 --- a/source3/smbd/proto.h +++ b/source3/smbd/proto.h @@ -620,9 +620,6 @@ NTSTATUS change_dir_owner_to_parent(connection_struct *conn, SMB_STRUCT_STAT *psbuf); bool is_stat_open(uint32 access_mask); bool is_deferred_open_async(const void *ptr); -NTSTATUS open_file_fchmod(connection_struct *conn, - struct smb_filename *smb_fname, - files_struct **result); NTSTATUS create_directory(connection_struct *conn, struct smb_request *req, struct smb_filename *smb_dname); void msg_file_was_renamed(struct messaging_context *msg, -- 1.9.1.423.g4596e3a