]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
s3: smbd: Ensure when we change security context we delete any $cwd cache.
authorJeremy Allison <jra@samba.org>
Thu, 7 Oct 2021 21:11:25 +0000 (14:11 -0700)
committerRalph Boehme <slow@samba.org>
Fri, 8 Oct 2021 21:28:04 +0000 (21:28 +0000)
This will ensure we *always* call into the VFS_SMB_CHDIR backends
on security context switch. The $cwd was an optimization that
was only looking at the raw filesystem path. We could delete it
completely but that is a patch for another day.

Remove knownfail on regression test.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
RN: vfs_shadow_copy2: core dump in make_relative_path

Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Fri Oct  8 21:28:04 UTC 2021 on sn-devel-184

selftest/knownfail.d/chdir-cache [deleted file]
source3/smbd/sec_ctx.c

diff --git a/selftest/knownfail.d/chdir-cache b/selftest/knownfail.d/chdir-cache
deleted file mode 100644 (file)
index 571701d..0000000
+++ /dev/null
@@ -1 +0,0 @@
-^samba3.blackbox.chdir-cache.*
index d6fd11cd4a37ed387c4cefa28474a9f5c35b1973..4ccda7095284be0505661c3beec43b7992db827c 100644 (file)
@@ -360,6 +360,14 @@ static void set_sec_ctx_internal(uid_t uid, gid_t gid,
        current_user.ut.ngroups = ngroups;
        current_user.ut.groups = groups;
        current_user.nt_user_token = ctx_p->token;
+
+       /*
+        * Delete any ChDir cache. We can't assume
+        * the new uid has access to current working
+        * directory.
+        * BUG: https://bugzilla.samba.org/show_bug.cgi?id=14682
+        */
+       SAFE_FREE(LastDir);
 }
 
 void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, const struct security_token *token)