2025-01-07 17:18:11 +03:00 · 2021-06-07 09:47:26 -07:00 · 2021-06-07 09:47:26 -07:00 · 342a0c92c9
commit 342a0c92c9
parent b56fc4b0d8
1 changed files with 14 additions and 8 deletions
--- a/source3/modules/vfs_shadow_copy2.c
+++ b/source3/modules/vfs_shadow_copy2.c
@ -1738,6 +1738,7 @@ static char *have_snapdir(struct vfs_handle_struct *handle,
 	return NULL;
 }

+#if 0
 static bool check_access_snapdir(struct vfs_handle_struct *handle,
 				const char *path)
 {
@ -1774,6 +1775,7 @@ static bool check_access_snapdir(struct vfs_handle_struct *handle,
 	TALLOC_FREE(smb_fname.base_name);
 	return true;
 }
+#endif

 /**
 * Find the snapshot directory (if any) for the given
@ -1972,7 +1974,6 @@ static int shadow_copy2_get_shadow_copy_data(
 	struct shadow_copy2_private *priv = NULL;
 	struct shadow_copy2_snapentry *tmpentry = NULL;
 	bool get_snaplist = false;
-	bool access_granted = false;
 	int open_flags = O_RDONLY;
 	int fd;
 	int ret = -1;
@ -1987,13 +1988,6 @@ static int shadow_copy2_get_shadow_copy_data(
 		goto done;
 	}

-	access_granted = check_access_snapdir(handle, snapdir);
-	if (!access_granted) {
-		DEBUG(0,("access denied on listing snapdir %s\n", snapdir));
-		errno = EACCES;
-		goto done;
-	}
-
 	snapdir_smb_fname = synthetic_smb_fname(talloc_tos(),
 					snapdir,
 					NULL,
@ -2039,6 +2033,18 @@ static int shadow_copy2_get_shadow_copy_data(
 	}
 	fsp_set_fd(dirfsp, fd);

+	/* Now we have the handle, check access here. */
+	status = smbd_check_access_rights_fsp(dirfsp,
+					false,
+					SEC_DIR_LIST);
+	if (!NT_STATUS_IS_OK(status)) {
+		DBG_ERR("user does not have list permission "
+			"on snapdir %s\n",
+			fsp_str_dbg(dirfsp));
+		errno = EACCES;
+		goto done;
+	}
+
 	p = SMB_VFS_NEXT_FDOPENDIR(handle, dirfsp, NULL, 0);
 	if (!p) {
 		DBG_NOTICE("shadow_copy2: SMB_VFS_NEXT_FDOPENDIR() failed for '%s'"