Created attachment 13513 [details] Possible patch for master When chaning DOS attributes we currently require that the authenticated user has FILE_WRITE_DATA permissions on the file or directory (by virtue of calling can_write_to_file()). A Windows server allows changing the DOS attributes if the user has FILE_WRITE_ATTRIBUTES (WA): PS C:\Users\Administrator> icacls.exe C:\share\smb.pcap C:\share\smb.pcap BUILTIN\Administrators:(Rc,S,RD,RA,WA) $ ./bin/smbclient -U "riverside\Administrator" -m smb3 //10.10.11.14/share -c "setmode smb.pcap +r" Enter RIVERSIDE\Administrator's password: $ ./bin/smbclient -U "riverside\Administrator" -m smb3 //10.10.11.14/share -c "ls smb.pcap" Enter RIVERSIDE\Administrator's password: smb.pcap AR 566018449 Wed May 31 15:15:33 2017 $ ./bin/smbclient -U "riverside\Administrator" -m smb3 //10.10.11.14/share -c "setmode smb.pcap -r" Enter RIVERSIDE\Administrator's password: $ ./bin/smbclient -U "riverside\Administrator" -m smb3 //10.10.11.14/share -c "ls smb.pcap" Enter RIVERSIDE\Administrator's password: smb.pcap A 566018449 Wed May 31 15:15:33 2017 With the same permissions Samba denies modifying the DOS attribute: $ ./bin/smbcacls -U slow%x -m smb3 //localhost/share "README" REVISION:1 CONTROL:SR|DP OWNER:SLOWSERVER\slow GROUP:SLOWSERVER\None ACL:Everyone:ALLOWED/0x0/READ ACL:SLOWSERVER\None:ALLOWED/0x0/READ ACL:SLOWSERVER\slow:ALLOWED/0x0/0x00120181 ACL:SLOWSERVER\fast:ALLOWED/0x0/FULL $ ./bin/smbclient -U slow%x -m smb3 //localhost/share -c "ls README" README A 8859 Tue Aug 29 15:18:22 2017 Setting as user slow who has 0x00120181 (read + write attributes) permissions fails: $ ./bin/smbclient -U slow%x -m smb3 //localhost/share -c "setmode README +r" cli_setatr failed: NT_STATUS_ACCESS_DENIED Setting as user fast who has full permissions succeeds: $ ./bin/smbclient -U fast%x -m smb3 //localhost/share -c "setmode README +r" So checking for FILE_WRITE_DATA instead of FILE_WRITE_ATTRIBUTES is one problem, but there are more if the underlying file only grants read access to the user. Attaching a WIP patch for master.
Looks good Ralph. Ping me when you want review and merge !
Created attachment 13650 [details] get-am fix for master. OK, can you try this generic patch for smbd. It changes the behaviour for chdir+getwd()-fail to be return to previous directory, instead of panic. This should simply prevent you from chdir()'ing into a directory for which you can't getwd(). Can you test this both with and without the shadow_copy2 module ? If we still crash with the shadow_copy2 module then we probably need both this and the previous patch. Cheers, Jeremy.
Arg, sorry about that - attached patch for wrong bug :-(.
Comment on attachment 13513 [details] Possible patch for master Not quite correct.
Created attachment 13683 [details] Patch for master This should do the trick.
Created attachment 13701 [details] git-am fix cherry-pick from master for 4.7.next.
Created attachment 13702 [details] git-am backport from master to 4.6.next.
Comment on attachment 13701 [details] git-am fix cherry-pick from master for 4.7.next. Thanks for doing the backports!
Reassigning to Karolin for inclusion in 4.6 and 4.7.
(In reply to Ralph Böhme from comment #10) Pushed to autobuild-v4-{7,6}-test.
(In reply to Karolin Seeger from comment #11) Pushed to both branches. Closing out bug report. Thanks!