diff options
| author | Jeremy Allison <jra@samba.org> | 2009-05-30 13:28:03 -0700 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2009-06-17 10:46:35 +0200 |
| commit | fedc34b47664439b0d066c087d9bfa5a34c81fff (patch) | |
| tree | 00f653beb957155ed241b2791f2865d726dc04e0 | |
| parent | 0839aeb2c583272b041c5a3ebe762c33bc8245f4 (diff) | |
| download | samba-fedc34b47664439b0d066c087d9bfa5a34c81fff.tar.gz samba-fedc34b47664439b0d066c087d9bfa5a34c81fff.tar.xz samba-fedc34b47664439b0d066c087d9bfa5a34c81fff.zip | |
Fix bug #6421 - POSIX read-only open fails on read-only shares. The change to smbd/trans2.c opens up SETFILEINFO calls to POSIX_OPEN only. The change to first smbd/open.c closes 2 holes that would have been exposed by allowing POSIX_OPENS on readonly shares, and their ability to set arbitrary flags permutations. The O_CREAT -> O_CREAT|O_EXCL change removes an illegal combination (O_EXCL without O_CREAT) that previously was being passed down to the open syscall. Jeremy.
(cherry picked from commit 79f26472b4ae561ec00c30f31dd63ccab6dfc0c4)
| -rw-r--r-- | source/smbd/open.c | 6 | ||||
| -rw-r--r-- | source/smbd/trans2.c | 14 |
2 files changed, 12 insertions, 8 deletions
diff --git a/source/smbd/open.c b/source/smbd/open.c index 535abcc26d6..8f45aabf6bb 100644 --- a/source/smbd/open.c +++ b/source/smbd/open.c @@ -250,7 +250,7 @@ static NTSTATUS open_file(files_struct *fsp, if (!CAN_WRITE(conn)) { /* It's a read-only share - fail if we wanted to write. */ - if(accmode != O_RDONLY) { + if(accmode != O_RDONLY || (flags & O_TRUNC) || (flags & O_APPEND)) { DEBUG(3,("Permission denied opening %s\n", path)); return NT_STATUS_ACCESS_DENIED; } else if(flags & O_CREAT) { @@ -258,8 +258,8 @@ static NTSTATUS open_file(files_struct *fsp, O_CREAT doesn't create the file if we have write access into the directory. */ - flags &= ~O_CREAT; - local_flags &= ~O_CREAT; + flags &= ~(O_CREAT|O_EXCL); + local_flags &= ~(O_CREAT|O_EXCL); } } diff --git a/source/smbd/trans2.c b/source/smbd/trans2.c index 25b0c1304b2..4aa61d1cf5d 100644 --- a/source/smbd/trans2.c +++ b/source/smbd/trans2.c @@ -6756,16 +6756,20 @@ static void call_trans2setfilepathinfo(connection_struct *conn, } } - if (!CAN_WRITE(conn)) { - reply_doserror(req, ERRSRV, ERRaccess); - return; - } - if (INFO_LEVEL_IS_UNIX(info_level) && !lp_unix_extensions()) { reply_nterror(req, NT_STATUS_INVALID_LEVEL); return; } + if (!CAN_WRITE(conn)) { + /* Allow POSIX opens. The open path will deny + * any non-readonly opens. */ + if (info_level != SMB_POSIX_PATH_OPEN) { + reply_doserror(req, ERRSRV, ERRaccess); + return; + } + } + DEBUG(3,("call_trans2setfilepathinfo(%d) %s (fnum %d) info_level=%d totdata=%d\n", tran_call,fname, fsp ? fsp->fnum : -1, info_level,total_data)); |