From: David Mulder Date: Thu, 1 Dec 2022 17:53:44 +0000 (-0700) Subject: smbd: Ensure share root POSIX attrs are cleared after mode_fn X-Git-Tag: talloc-2.4.1~1155 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3f33ea95eb654ab41636f2216002d7916fc56521;p=thirdparty%2Fsamba.git smbd: Ensure share root POSIX attrs are cleared after mode_fn The call to mode_fn (smbd_dirptr_lanman2_mode_fn) was filling the cleared attributes back in to the stat. Ensure the clear happens after this call. Signed-off-by: David Mulder Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme --- diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c index 859c8f0dc83..09029ee0c23 100644 --- a/source3/smbd/dir.c +++ b/source3/smbd/dir.c @@ -979,13 +979,6 @@ bool smbd_dirptr_get_entry(TALLOC_CTX *ctx, smb_fname = tmp_smb_fname; mode = FILE_ATTRIBUTE_DIRECTORY; get_dosmode = false; - - /* Ensure posix fileid and sids are hidden - */ - smb_fname->st.st_ex_ino = 0; - smb_fname->st.st_ex_dev = 0; - smb_fname->st.st_ex_uid = -1; - smb_fname->st.st_ex_gid = -1; } ok = mode_fn(ctx, @@ -1005,6 +998,20 @@ bool smbd_dirptr_get_entry(TALLOC_CTX *ctx, TALLOC_FREE(atname); + /* + * Don't leak INO/DEV/User SID/Group SID about the containing + * directory of the share. This MUST happen AFTER the call to + * mode_fn(). + */ + if (dirptr_path_is_dot && ISDOTDOT(dname)) { + /* Ensure posix fileid and sids are hidden + */ + smb_fname->st.st_ex_ino = 0; + smb_fname->st.st_ex_dev = 0; + smb_fname->st.st_ex_uid = -1; + smb_fname->st.st_ex_gid = -1; + } + /* * The only valid cases where we return the directory entry if * it's a symlink are: