Bug 3343 - Filesystem ACLs not cleared on inherited permissions when altering
Status: RESOLVED FIXED
Alias: None
Product: Samba 3.0
Classification: Unclassified
Component: File Services
Version: 3.0.20b
Hardware: All Linux
Importance: P3 normal
Target Milestone: none
Assignee: Samba Bugzilla Account
QA Contact: Samba QA Contact
 
Reported: 2005-12-20 09:27 UTC by James Cooley (dead mail address)
Modified: 2020-12-20 20:57 UTC (History)

Attachments
patch: do not double-free on error case (allow-deny ordered ACE) (767 bytes, patch)
2006-01-24 20:38 UTC, SATOH Fumiyasu

Description James Cooley (dead mail address) 2005-12-20 09:27:10 UTC
Samba appears to try to apply deny ACLs before removing previously existing ACCEPT ACLs on files that are inheriting permissions, when the permissions are changed from the upper-level folder.


Steps to reproduce

1.  ACL inheritance is enabled.
2.  User changes an ACL from an allow ACL to a deny ACL on a folder containing files.
3.  When Samba tries to set the ACL on the files inside the folder, it appears to apply the new DENY ACL entry before removing the ALLOW ACL entry on the file.



Debug output from the ACL attempt:

[2005/12/20 10:57:30, 3] smbd/nttrans.c:call_nt_transact_set_security_desc(2081)
  call_nt_transact_set_security_desc: file = test/New Text Document.txt, sent 0x20000004
[2005/12/20 10:57:30, 6] rpc_parse/parse_prs.c:prs_debug(82)
      000000 sec_io_desc sd data
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
          0000 revision : 0001
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
          0002 type     : 8d04
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
          0004 off_owner_sid: 000000e4
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
          0008 off_grp_sid  : 00000100
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
          000c off_sacl     : 00000000
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
          0010 off_dacl     : 00000014
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e4 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e5 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e6 id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e7 id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e8 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00e9 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00ea id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              00eb id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
              00ec sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00001744
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0100 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0101 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0102 id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0103 id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0104 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0105 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0106 id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
              0107 id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
              0108 sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00006653
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
              0014 revision: 0002
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
              0016 size     : 00d0
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
              0018 num_aces : 00000006
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  001c type : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  001d flags: 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  001e size : 0024
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      0020 mask: 001f01ff
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0024 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0025 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0026 id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0027 id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0028 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0029 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      002a id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      002b id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      002c sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00001744
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0040 type : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0041 flags: 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  0042 size : 0024
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      0044 mask: 0012019f
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0048 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0049 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004a id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004b id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004c id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004d id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004e id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      004f id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      0050 sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00006653
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0064 type : 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0065 flags: 10
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  0066 size : 0024
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      0068 mask: 000f01ff
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      006c sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      006d num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      006e id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      006f id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0070 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0071 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0072 id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0073 id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      0074 sub_auths : 00000015 91557059 8578e8e8 67ac8f09 0000664e
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0088 type : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  0089 flags: 10
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  008a size : 0024
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      008c mask: 00100000
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0090 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0091 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0092 id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0093 id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0094 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0095 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0096 id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      0097 id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      0098 sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00006653
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  00ac type : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  00ad flags: 10
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  00ae size : 0024
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      00b0 mask: 001f01ff
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b4 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b5 num_auths  : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b6 id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b7 id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b8 id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00b9 id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00ba id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00bb id_auth[5] : 05
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      00bc sub_auths : 00000015 91557059 8578e8e8 67ac8f09 00001744
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  00d0 type : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                  00d1 flags: 10
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint16(642)
                  00d2 size : 0014
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32(671)
                      00d4 mask: 00100000
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00d8 sid_rev_num: 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00d9 num_auths  : 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00da id_auth[0] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00db id_auth[1] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00dc id_auth[2] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00dd id_auth[3] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00de id_auth[4] : 00
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint8(582)
                      00df id_auth[5] : 01
[2005/12/20 10:57:30, 5] rpc_parse/parse_prs.c:prs_uint32s(898)
                      00e0 sub_auths : 00000000
[2005/12/20 10:57:30, 5] smbd/posix_acls.c:unpack_nt_owners(919)
  unpack_nt_owners: validating owner_sids.
[2005/12/20 10:57:30, 5] smbd/posix_acls.c:unpack_nt_owners(962)
  unpack_nt_owners: owner_sids validated.
[2005/12/20 10:57:30, 3] passdb/lookup_sid.c:fetch_sid_from_uid_cache(158)
  fetch sid from uid cache 27835 -> S-1-5-21-2438295641-2239293672-1739362057-5956
[2005/12/20 10:57:30, 3] passdb/lookup_sid.c:fetch_sid_from_gid_cache(232)
  fetch sid from gid cache 72027 -> S-1-5-21-2438295641-2239293672-1739362057-26195
[2005/12/20 10:57:30, 3] passdb/lookup_sid.c:fetch_uid_from_cache(179)
  fetch uid from cache 27835 -> S-1-5-21-2438295641-2239293672-1739362057-5956
[2005/12/20 10:57:30, 3] passdb/lookup_sid.c:fetch_gid_from_cache(253)
  fetch gid from cache 72027 -> S-1-5-21-2438295641-2239293672-1739362057-26195
[2005/12/20 10:57:30, 3] passdb/lookup_sid.c:fetch_gid_from_cache(253)
  fetch gid from cache 72033 -> S-1-5-21-2438295641-2239293672-1739362057-26190
[2005/12/20 10:57:30, 0] smbd/posix_acls.c:create_canon_ace_lists(1506)
  create_canon_ace_lists: malformed ACL in file ACL ! Deny entry after Allow entry. Failing to set on file test/New Text Document.txt.
*** glibc detected *** double free or corruption (!prev): 0x000000552af4cee0 ***
Comment 1 SATOH Fumiyasu 2006-01-24 20:38:40 UTC
Created attachment 1706
patch: do not double-free on error case (allow-deny ordered ACE)

This is a patch to fix the double-free problem only.

To fix this bug completely, we should
  A) Add support for "Deny ACE after Allow ACE" ACLs to Samba.
or
  B) This is a limitation of Samba (spec.), but we must
     fix Samba to return an error status to the client in this case.
     (Samba with this patch does not return an error status
      to the client in this case because set_nt_acl()
      returns True (indicates success) if
      create_canon_ace_lists() returns False.)
Comment 2 Jeremy Allison 2006-01-24 22:02:03 UTC
Perfect patch - thanks Fumiyasu-san ! Applied. Jerry please apply for 3.0.21b.
Jeremy.
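
The error path discussed in Comment 1, as an added C example that is not part of the bug report or of Samba's source: a simplified list builder that rejects a Deny ACE following an Allow ACE, frees its partial list exactly once, and hands the failure back to the caller (option B). All type and function names are hypothetical; `logged` copies the type, flags and mask of the six ACEs in the debug output above, and `deny_first` is constructed.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical names throughout; this is not Samba's code. */
enum { ACE_ALLOW = 0x00, ACE_DENY = 0x01 };      /* "type" byte in the dump */
struct ace { uint8_t type, flags; uint32_t mask; };
struct ace_list { struct ace *entries; size_t count; };
/* type/flags/mask of the six ACEs in the debug output, in wire order. */
static const struct ace logged[6] = {
    {0x00, 0x00, 0x001f01ff}, {0x00, 0x00, 0x0012019f}, {0x01, 0x10, 0x000f01ff},
    {0x00, 0x10, 0x00100000}, {0x00, 0x10, 0x001f01ff}, {0x00, 0x10, 0x00100000} };
/* Constructed sample: the same deny entry placed ahead of the allow entries. */
static const struct ace deny_first[3] = {
    {0x01, 0x10, 0x000f01ff}, {0x00, 0x00, 0x001f01ff}, {0x00, 0x00, 0x0012019f} };

/* Free a list and clear the owner's pointer, so a repeated call is a no-op. */
static void ace_list_free(struct ace_list **pl) {
    if (*pl != NULL) { free((*pl)->entries); free(*pl); }
    *pl = NULL;
}

/* Build *out from in[0..n); fail on a Deny entry that follows an Allow entry.
 * On failure the partial list is freed here and *out stays NULL. */
static bool build_ace_list(const struct ace *in, size_t n, struct ace_list **out) {
    bool seen_allow = false;
    struct ace_list *l = calloc(1, sizeof(*l));
    *out = NULL;
    if (l == NULL) return false;
    l->entries = calloc(n ? n : 1, sizeof(*l->entries));
    if (l->entries == NULL) { free(l); return false; }
    for (size_t i = 0; i < n; i++) {
        if (in[i].type == ACE_DENY && seen_allow) { ace_list_free(&l); return false; }
        if (in[i].type == ACE_ALLOW) seen_allow = true;
        l->entries[l->count++] = in[i];
    }
    *out = l;
    return true;
}

/* Caller: cleans up unconditionally and reports the failure to its own caller. */
static int set_acl(const struct ace *in, size_t n) {
    struct ace_list *l = NULL;
    bool ok = build_ace_list(in, n, &l);
    ace_list_free(&l);            /* NULL after a failed build: nothing to free */
    return ok ? 0 : -1;
}

int main(void) {
    return (set_acl(logged, 6) == -1 && set_acl(deny_first, 3) == 0) ? 0 : 1;
}
```

Because the builder leaves `*out` NULL on failure and `ace_list_free()` clears the pointer it frees, neither the builder nor the caller can release the same list twice, whichever of them runs cleanup last.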