mirror of
https://github.com/samba-team/samba.git
synced 2025-03-09 08:58:35 +03:00
smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD
When inherting permissions on the created stream, we call into the VFS to fetch the streams security descriptor via inherit_access_posix_acl() -> copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in vfswrap_sys_acl_set_fd() in vfs_default. Just passing the base fsp to the VFS fixes this. vfs_streams_depot which *does use* distinct backend filesystem files for the streams, currently does not apply permissions to the stream files at all, so the incomplete behaviour of vfs_streams_depot is not affected by this change. If in the future someone want to fix this defficiency in vfs_streams_depot, the module code can use fsp->stream_fsp to base decisions in VFS ops whether the module should carry out some action. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Volker Lendecke <vl@samba.org> Autobuild-User(master): Volker Lendecke <vl@samba.org> Autobuild-Date(master): Mon Sep 2 08:55:28 UTC 2024 on atb-devel-224 (cherry picked from commit ecb8a99a2c7ba36f9adc50ef13cd8465a0c49b19) Autobuild-User(v4-21-test): Jule Anger <janger@samba.org> Autobuild-Date(v4-21-test): Mon Sep 9 08:29:43 UTC 2024 on atb-devel-224
This commit is contained in:
parent
882eadc385
commit
505f48fff9
@ -1 +0,0 @@
|
||||
^samba3.smb2.stream-inherit-perms.stream-inherit-perms\(fileserver\)
|
@ -4000,7 +4000,9 @@ static int copy_access_posix_acl(struct files_struct *from,
|
||||
goto done;
|
||||
}
|
||||
|
||||
ret = SMB_VFS_SYS_ACL_SET_FD(to, SMB_ACL_TYPE_ACCESS, posix_acl);
|
||||
ret = SMB_VFS_SYS_ACL_SET_FD(metadata_fsp(to),
|
||||
SMB_ACL_TYPE_ACCESS,
|
||||
posix_acl);
|
||||
|
||||
done:
|
||||
|
||||
|
Loading…
x
Reference in New Issue
Block a user