]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
s3: smbd: Explicitly code the semantics of "dos filemode" into the chown code.
authorJeremy Allison <jra@samba.org>
Mon, 28 Jun 2021 20:54:52 +0000 (13:54 -0700)
committerRalph Boehme <slow@samba.org>
Tue, 13 Jul 2021 08:11:36 +0000 (08:11 +0000)
We actually don't need this to get the right semantics, as the open or the
set_sd() code catches the correct cases and returns ACCESS_DENIED, but it
makes me much happier to see the prerequisites needed expressed in code here
right at the point of use.

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 13 08:11:36 UTC 2021 on sn-devel-184

source3/smbd/posix_acls.c

index 8bfaea27e39be54b7c62edb6c52227b33395c973..899e7dc3c1e2f7293dd2015bb672b1b271d2cea3 100644 (file)
@@ -3440,9 +3440,24 @@ NTSTATUS try_chown(files_struct *fsp, uid_t uid, gid_t gid)
        }
 
        /* Case (4). */
+       /* If "dos filemode" isn't set, we're done. */
        if (!lp_dos_filemode(SNUM(fsp->conn))) {
                return NT_STATUS_ACCESS_DENIED;
        }
+       /*
+        * If we have a writable handle, obviously we
+        * can write to the file.
+        */
+       if (!fsp->fsp_flags.can_write) {
+               /*
+                * If we don't have a writable handle, we
+                * need to read the ACL on the file to
+                * see if we can write to it.
+                */
+               if (!can_write_to_fsp(fsp)) {
+                       return NT_STATUS_ACCESS_DENIED;
+               }
+       }
 
        /* only allow chown to the current user. This is more secure,
           and also copes with the case where the SID in a take ownership ACL is