Bug 14215 - Requesting maximum allowed permission of file with DOS read-only attribute results in access denied error
Summary: Requesting maximum allowed permission of file with DOS read-only attribute re...
Status: NEW
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Ralph Böhme
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-12-12 13:57 UTC by Ralph Böhme
Modified: 2019-12-12 13:59 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Ralph Böhme 2019-12-12 13:57:49 UTC
Steps to reproduce:

* create a file

* set RO DOS attribute on the file

* try to open the file requesting MAXIMUM_ALLOWED permissions

Result: NT_STATUS_ACCESS_DENIED

smbd trips over this in open_file_ntcreate():

        if (flags != O_RDONLY && file_existed &&
            (!CAN_WRITE(conn) || IS_DOS_READONLY(existing_dos_attributes))) {
                DEBUG(5,("open_file_ntcreate: write access requested for "
                         "file %s on read only %s\n",
                         smb_fname_str_dbg(smb_fname),
                         !CAN_WRITE(conn) ? "share" : "file" ));
                errno = EACCES;
                return NT_STATUS_ACCESS_DENIED;
        }

I guess the problem is that smbd_calculate_maximum_allowed_access() doesn't take the RO attribute into account.

Found as part of MR review https://gitlab.com/samba-team/samba/merge_requests/982