From: Andrew Tridgell <tridge@samba.org>
Date: Fri, 5 Mar 2010 11:47:50 +0000 (+1100)
Subject: s4-pvfs: set default for perm override based on system features
X-Git-Tag: samba-3.6.0pre1~4764
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=dae9d20e14cafb7b688a7aa3f3680dafd727fa3f;p=thirdparty%2Fsamba.git

s4-pvfs: set default for perm override based on system features

If the system has O_NOFOLLOW and O_DIRECTORY then we allow for
overrides by default. If not, then we disable by default, as we will
be more vulnerable to symlink attacks
---

diff --git a/source4/ntvfs/posix/vfs_posix.c b/source4/ntvfs/posix/vfs_posix.c
index f22f1d48172..05bdd0a8aa5 100644
--- a/source4/ntvfs/posix/vfs_posix.c
+++ b/source4/ntvfs/posix/vfs_posix.c
@@ -39,6 +39,7 @@ static void pvfs_setup_options(struct pvfs_state *pvfs)
 {
 	struct share_config *scfg = pvfs->ntvfs->ctx->config;
 	const char *eadb;
+	bool def_perm_override = false;
 
 	if (share_bool_option(scfg, SHARE_MAP_HIDDEN, SHARE_MAP_HIDDEN_DEFAULT))
 		pvfs->flags |= PVFS_FLAG_MAP_HIDDEN;
@@ -58,7 +59,14 @@ static void pvfs_setup_options(struct pvfs_state *pvfs)
 		pvfs->flags |= PVFS_FLAG_FAKE_OPLOCKS;
 	if (share_bool_option(scfg, PVFS_AIO, false))
 		pvfs->flags |= PVFS_FLAG_LINUX_AIO;
-	if (share_bool_option(scfg, PVFS_PERM_OVERRIDE, true))
+
+#if defined(O_DIRECTORY) && defined(O_NOFOLLOW)
+	/* set PVFS_PERM_OVERRIDE by default only if the system
+	 * supports the necessary capabilities to make it secure
+	 */
+	def_perm_override = true;
+#endif
+	if (share_bool_option(scfg, PVFS_PERM_OVERRIDE, def_perm_override))
 		pvfs->flags |= PVFS_FLAG_PERM_OVERRIDE;
 
 	/* file perm options */