sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-02-02 09:47:23 +03:00
Code

hide unreadable patch from idra

Browse Source 
(This used to be commit 7b6cfe243002a92f5dfb52413e9b3550c61cecfb)
This commit is contained in:
Andrew Tridgell 2001-04-16 15:16:31 +00:00
parent 8c0a1c61cc
commit 4355098a75
3 changed files with 54 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
source3/include/proto.h
View File

@ -1791,6 +1791,7 @@ BOOL lp_shortpreservecase(int );
BOOL lp_casemangle(int );
BOOL lp_status(int );
BOOL lp_hide_dot_files(int );
BOOL lp_hideunreadable(int );
BOOL lp_browseable(int );
BOOL lp_readonly(int );
BOOL lp_no_set_dir(int );

4
source3/param/loadparm.c
View File

@ -359,6 +359,7 @@ typedef struct
BOOL bCaseMangle;
BOOL status;
BOOL bHideDotFiles;
BOOL bHideUnReadable;
BOOL bBrowseable;
BOOL bAvailable;
BOOL bRead_only;
@ -474,6 +475,7 @@ static service sDefault = {
False, /* case mangle */
True, /* status */
True, /* bHideDotFiles */
False, /* bHideUnReadable */
True, /* bBrowseable */
True, /* bAvailable */
True, /* bRead_only */
@ -871,6 +873,7 @@ static struct parm_struct parm_table[] = {
{"mangle case", P_BOOL, P_LOCAL, &sDefault.bCaseMangle, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"mangling char", P_CHAR, P_LOCAL, &sDefault.magic_char, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"hide dot files", P_BOOL, P_LOCAL, &sDefault.bHideDotFiles, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"hide unreadable", P_BOOL, P_LOCAL, &sDefault.bHideUnReadable, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"delete veto files", P_BOOL, P_LOCAL, &sDefault.bDeleteVetoFiles, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL},
{"veto files", P_STRING, P_LOCAL, &sDefault.szVetoFiles, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL | FLAG_DOS_STRING},
{"hide files", P_STRING, P_LOCAL, &sDefault.szHideFiles, NULL, NULL, FLAG_SHARE | FLAG_GLOBAL | FLAG_DOS_STRING},
@ -1649,6 +1652,7 @@ FN_LOCAL_BOOL(lp_shortpreservecase, bShortCasePreserve)
FN_LOCAL_BOOL(lp_casemangle, bCaseMangle)
FN_LOCAL_BOOL(lp_status, status)
FN_LOCAL_BOOL(lp_hide_dot_files, bHideDotFiles)
FN_LOCAL_BOOL(lp_hideunreadable, bHideUnReadable)
FN_LOCAL_BOOL(lp_browseable, bBrowseable)
FN_LOCAL_BOOL(lp_readonly, bRead_only)
FN_LOCAL_BOOL(lp_no_set_dir, bNo_set_dir)

49
source3/smbd/dir.c
View File

@ -663,6 +663,36 @@ typedef struct
} Dir;
/*******************************************************************
check to see if a user can read a file. This is only approximate,
it is used as part of the "hide unreadable" option. Don't
use it for anything security sensitive
********************************************************************/
static BOOL user_can_read_file(connection_struct *conn, const char *name)
{
struct stat ste;
/* if we can't stat it does not show it */
if (stat(name, &ste) != 0) return False;
if (ste.st_uid == conn->uid) {
return (ste.st_mode & S_IRUSR) == S_IRUSR;
} else {
int i;
if (ste.st_gid == conn->gid) {
return (ste.st_mode & S_IRGRP) == S_IRGRP;
}
for (i=0; i<conn->ngroups; i++) {
if (conn->groups[i] == ste.st_gid) {
return (ste.st_mode & S_IRGRP) == S_IRGRP;
}
}
}
return (ste.st_mode & S_IROTH) == S_IROTH;
}
/*******************************************************************
Open a directory.
********************************************************************/
@ -677,6 +707,7 @@ void *OpenDir(connection_struct *conn, char *name, BOOL use_veto)
if (!p) return(NULL);
dirp = (Dir *)malloc(sizeof(Dir));
if (!dirp) {
DEBUG(0,("Out of memory in OpenDir\n"));
conn->vfs_ops.closedir(conn,p);
return(NULL);
}
@ -695,6 +726,24 @@ void *OpenDir(connection_struct *conn, char *name, BOOL use_veto)
/* If it's a vetoed file, pretend it doesn't even exist */
if (use_veto && conn && IS_VETO_PATH(conn, n)) continue;
/* Honour _hide unreadable_ option */
if (conn && lp_hideunreadable(SNUM(conn)))
{
char *entry;
int ret;
entry = (char *)malloc(PATH_MAX);
if (!entry) {
DEBUG(0,("Out of memory in OpenDir\n"));
conn->vfs_ops.closedir(conn,p);
return(NULL);
}
slprintf(entry, PATH_MAX, "%s/%s/%s", conn->origpath, name, n);
ret = user_can_read_file(conn, entry);
free(entry);
if (!ret) continue;
}
if (used + l > dirp->mallocsize) {
int s = MAX(used+l,used+2000);
char *r;