From: Jeremy Allison Date: Fri, 17 Apr 2020 21:23:07 +0000 (-0700) Subject: s3: smbd: Refuse open in create_file_unixpath() with only SEC_FLAG_SYSTEM_SECURITY... X-Git-Tag: ldb-2.2.0~898 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=1ebec7056bdf4b268b0a070d70b5a94093147f19;p=thirdparty%2Fsamba.git s3: smbd: Refuse open in create_file_unixpath() with only SEC_FLAG_SYSTEM_SECURITY set. We now pass smbtorture3 SMB2-SACL like Windows 10 does. Note this is an SMB2-only behavior. SMB1 allows an open with only SEC_FLAG_SYSTEM_SECURITY set as tested in smbtorture3 SMB1-SYSTEM-SECURITY. Signed-off-by: Jeremy Allison Reviewed-by: Ralph Boehme Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Tue Apr 21 20:17:10 UTC 2020 on sn-devel-184 --- diff --git a/selftest/knownfail.d/sacl_set_get b/selftest/knownfail.d/sacl_set_get deleted file mode 100644 index 6aee383ba02..00000000000 --- a/selftest/knownfail.d/sacl_set_get +++ /dev/null @@ -1,2 +0,0 @@ -^samba3.blackbox.sacl_get_set.SACL set_get\(fileserver\) - diff --git a/source3/smbd/open.c b/source3/smbd/open.c index d4c77602daf..ecb46d75215 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -5432,6 +5432,21 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, status = NT_STATUS_PRIVILEGE_NOT_HELD; goto fail; } + + if (conn->sconn->using_smb2 && + (access_mask == SEC_FLAG_SYSTEM_SECURITY)) + { + /* + * No other bits set. Windows SMB2 refuses this. + * See smbtorture3 SMB2-SACL test. + * + * Note this is an SMB2-only behavior, + * smbtorture3 SMB1-SYSTEM-SECURITY already tests + * that SMB1 allows this. + */ + status = NT_STATUS_ACCESS_DENIED; + goto fail; + } } /*
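Review bot: The selftest/knownfail.d/sacl_set_get deletion drops the entry for samba3.blackbox.sacl_get_set, but the commit message names only smbtorture3 SMB2-SACL and SMB1-SYSTEM-SECURITY. Add a line to the message saying that the blackbox sacl_get_set test on fileserver now passes because of the open.c change, so the knownfail removal is tied to the fix for anyone bisecting later.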
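Review bot: In the source3/smbd/open.c hunk, the test `access_mask == SEC_FLAG_SYSTEM_SECURITY` is an exact-equality match, so the denial depends on which form of the mask `access_mask` holds at this point in create_file_unixpath(). The comment says "No other bits set" but not whether that refers to the mask as the client sent it or to a mask that has already been mapped or had bits added. Please state that in the comment, because a request that differs by one extra bit does not take this branch. Also, `conn->sconn->using_smb2` is a per-connection flag tested inside a path-level helper: is every caller that reaches this point on an SMB2 connection meant to get NT_STATUS_ACCESS_DENIED, or only client create requests? A sentence in the comment would settle it. Style nit: the opening brace sits on its own line after the two-line condition; if the rest of the file keeps the brace on the condition line, move it up to match.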