Doing this in open_file() is too late, as when the client requests an open with
SEC_FLAG_MAXIMUM_ALLOWED on a directory that has FILE_ATTRIBUTE_READ_ONLY set,
this will currently trigger an NT_STATUS_ACCESS_DENIED by the following code in
open_file_ntcreate() if the ACL grants write access to the user:

    if (((flags & O_ACCMODE) != O_RDONLY) && file_existed &&
        (!CAN_WRITE(conn) ||
         (existing_dos_attributes & FILE_ATTRIBUTE_READONLY))) {
            DEBUG(5,("open_file_ntcreate: write access requested for "
                     "file %s on read only %s\n",
                     smb_fname_str_dbg(smb_fname),
                     !CAN_WRITE(conn) ? "share" : "file" ));
            return NT_STATUS_ACCESS_DENIED;
    }

Fixes this bug, but should otherwise cause no change in behaviour.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=16030
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Apr 29 12:00:18 UTC 2026 on atb-devel-224
+++ /dev/null
-^samba3.smb2.maximum_allowed.read_only_dir\(.*\)
bool open_fd = false;
bool posix_open = fsp->fsp_flags.posix_open;
- /*
- * Catch early an attempt to open an existing
- * directory as a file.
- */
- if (file_existed && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
- return NT_STATUS_FILE_IS_A_DIRECTORY;
- }
-
/*
* This little piece of insanity is inspired by the
* fact that an NT client can open a file for O_RDONLY,
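Review bot: with the S_ISDIR() block removed from open_file(), nothing left in this function records that an existing directory must already have been rejected by the caller. Consider leaving a one-line comment where the block used to be, or a debug-only assertion on S_ISDIR(fsp->fsp_name->st.st_ex_mode), so that a later caller which skips the check does not silently go on to open a directory as a file.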
req->vuid);
}
+ /*
+ * Catch early an attempt to open an existing
+ * directory as a file.
+ */
+ if (file_existed && S_ISDIR(fsp->fsp_name->st.st_ex_mode)) {
+ return NT_STATUS_FILE_IS_A_DIRECTORY;
+ }
+
if (new_dos_attributes & FILE_FLAG_POSIX_SEMANTICS) {
posix_open = True;
unx_mode = (mode_t)(new_dos_attributes & ~FILE_FLAG_POSIX_SEMANTICS);
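Review bot: the comment on the added block still reads only "Catch early an attempt to open an existing directory as a file", which does not say why the check has to sit this early in open_file_ntcreate(). According to the commit message it must run before the FILE_ATTRIBUTE_READONLY test that returns NT_STATUS_ACCESS_DENIED, so that a directory gets NT_STATUS_FILE_IS_A_DIRECTORY instead. Stating that ordering requirement in the comment would keep the block from being moved below the read-only test again in a later cleanup. It is also worth confirming that nothing set up before this point needs releasing on the new early return, since only the tail of the preceding code is visible in this hunk.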