smbd: fix opening a READ-ONLY file with SEC_FLAG_MAXIMUM_ALLOWED

author Ralph Boehme <slow@samba.org>

Fri, 19 Aug 2022 10:02:43 +0000 (12:02 +0200)

committer Jeremy Allison <jra@samba.org>

Mon, 29 Aug 2022 18:20:19 +0000 (18:20 +0000)
author Ralph Boehme <slow@samba.org>
Fri, 19 Aug 2022 10:02:43 +0000 (12:02 +0200)
committer Jeremy Allison <jra@samba.org>
Mon, 29 Aug 2022 18:20:19 +0000 (18:20 +0000)
diff --git a/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only b/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only

deleted file mode 100644 (file)

index 80fb1a3..0000000
--- a/selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only
+++ /dev/null
@@ -1 +0,0 @@
-^samba3.smb2.maximum_allowed.read_only
diff --git a/source3/smbd/open.c b/source3/smbd/open.c

index 3dd9f69b8ccdbacce94e15d7539559952dc1fbfa..db0cb47d34d66f1be0f0a1a23804fa53c0d4f75b 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -3269,6 +3269,7 @@ static NTSTATUS smbd_calculate_maximum_allowed_access_fsp(
  {
         struct security_descriptor *sd = NULL;
         uint32_t access_granted = 0;
+       uint32_t dosattrs;
         NTSTATUS status;
  
         /* Cope with symlinks */
@@ -3345,6 +3346,11 @@ static NTSTATUS smbd_calculate_maximum_allowed_access_fsp(
                 }
         }
  
+       dosattrs = fdos_mode(fsp);
+       if (IS_DOS_READONLY(dosattrs) || !CAN_WRITE(fsp->conn)) {
+               *p_access_mask &= ~(FILE_GENERIC_WRITE | DELETE_ACCESS);
+       }
+
         return NT_STATUS_OK;
  }
author	Ralph Boehme <slow@samba.org>
	Fri, 19 Aug 2022 10:02:43 +0000 (12:02 +0200)
committer	Jeremy Allison <jra@samba.org>
	Mon, 29 Aug 2022 18:20:19 +0000 (18:20 +0000)
selftest/knownfail.d/samba3.smb2.maximum_allowed.read_only	[deleted file]	patch \| blob \| blame \| history
source3/smbd/open.c		patch \| blob \| blame \| history