Bug 9747 - When creating a directory Samba allows inherited bit to slip through
Summary: When creating a directory Samba allows inherited bit to slip through
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.0
Classification: Unclassified
Component: File services (show other bugs)
Version: 4.0.4
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2013-03-27 22:08 UTC by Richard Sharpe
Modified: 2013-04-07 19:16 UTC (History)
0 users

See Also:


Attachments
The patch suggested by Jeremy (503 bytes, text/plain)
2013-03-27 22:09 UTC, Richard Sharpe
no flags Details
A cleaned up patch (980 bytes, patch)
2013-03-28 02:43 UTC, Richard Sharpe
jra: review+
Details
git-am fix for 3.6.next (881 bytes, patch)
2013-03-28 16:38 UTC, Jeremy Allison
rsharpe: review+
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Richard Sharpe 2013-03-27 22:08:32 UTC
When creating a directory where the parent does not specify SEC_DESC_DACL_AUTO_INHERIT Samba still allows the SEC_ACE_FLAG_INHERITED_ACE bit to slip through when it should not.

Fix discussed on Samba technical will be attached.
Comment 1 Richard Sharpe 2013-03-27 22:09:20 UTC
Created attachment 8693 [details]
The patch suggested by Jeremy
Comment 2 Richard Sharpe 2013-03-28 02:43:54 UTC
Created attachment 8694 [details]
A cleaned up patch

This patch is more correctly formatted.

Looking for a review from someone.

Please push when ready. This should apply cleanly to 3.6.next as well.
Comment 3 Volker Lendecke 2013-03-28 13:15:45 UTC
Comment on attachment 8694 [details]
A cleaned up patch

To be honest, I don't believe I am the right person to do the review here. I've not taken a close enough look at acls for ages, sorry. Jeremy, putting you in...
Comment 4 Richard Sharpe 2013-03-28 14:07:04 UTC
(In reply to comment #3)
> Comment on attachment 8694 [details]
> A cleaned up patch
> 
> To be honest, I don't believe I am the right person to do the review here. I've
> not taken a close enough look at acls for ages, sorry. Jeremy, putting you
> in...

I don't think Jeremy can review it, because it is signed off by him (since he moved my original change to that location.)

We will have to find another reviewer. Perhaps Ira?
Comment 5 Jeremy Allison 2013-03-28 15:45:09 UTC
No, 2 Team engineers is enough for a review. I'll push to autobuild and update a 4.0.next and 3.6.next patch for Karolin.

Jeremy.
Comment 6 Jeremy Allison 2013-03-28 16:35:34 UTC
Comment on attachment 8694 [details]
A cleaned up patch

LGTM. Pushed to master.
Comment 7 Jeremy Allison 2013-03-28 16:38:49 UTC
Created attachment 8695 [details]
git-am fix for 3.6.next

Richard, once you've reviewed I'll get this included in 3.6.next and 4.0.next.

Jeremy.
Comment 8 Jeremy Allison 2013-03-28 18:15:12 UTC
Re-assigning to Karolin for inclusion in 3.6.next and 4.0.next.
Jeremy.
Comment 9 Karolin Seeger 2013-04-02 19:26:30 UTC
Pushed to v3-6-test and autobuild-v4-0-test.
Comment 10 Karolin Seeger 2013-04-07 19:16:09 UTC
Pushed to v4-0-test.
Closing out bug report.

Thanks!