Bug 10789 - Unable to open a file for write if the file is not owned by the user but is writable by 'others'
Unable to open a file for write if the file is not owned by the user but is w...
Status: NEW
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services
4.1.11
All All
: P5 major
: ---
Assigned To: Samba QA Contact
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2014-08-27 18:32 UTC by YOUZHONG YANG
Modified: 2014-08-29 07:39 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description YOUZHONG YANG 2014-08-27 18:32:37 UTC
This is a regression in Samba 4. It works well in Samba 3.6.23.

Here is the C code which can be used to open a file for write:

#include <SDKDDKVer.h>
#include <Windows.h>
#include <stdio.h>
#include <tchar.h>
#include <conio.h>
#include <ctype.h>

int _tmain(int argc, _TCHAR* argv[])
{
	HANDLE hFile;

	if(argc <= 1) return 1;

	// Open the existing file.
	hFile = CreateFile(argv[1], 
		GENERIC_READ | GENERIC_WRITE, 
		FILE_SHARE_WRITE | FILE_SHARE_READ,
		NULL,                     
		OPEN_EXISTING,            
		FILE_ATTRIBUTE_NORMAL,    
		NULL);                    
	if (hFile == INVALID_HANDLE_VALUE)
	{
		printf("ERROR: CreateFile() = %d\n", GetLastError()); 
		return 1;
	}
	printf("File opened, press any key to exit ...\n");
	getch();
	CloseHandle(hFile);
	return 0;
}

Further investigation found that the smbd_check_access_rights() inside open_file() in source3/smbd/open.c returns ACCESS_DENIED error:

/* Can we access this file ? */
if (!fsp->base_fsp) {
	/* Only do this check on non-stream open. */
	if (file_existed) {
		status = smbd_check_access_rights(conn,
				smb_fname,
				false,
				access_mask);
	} else if (local_flags & O_CREAT){
		status = check_parent_access(conn,
				smb_fname, SEC_DIR_ADD_FILE);
	} else {
		/* File didn't exist and no O_CREAT. */
		return NT_STATUS_OBJECT_NAME_NOT_FOUND;
	}
.
.
.
}