sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-29 13:49:30 +03:00
Code Activity

smbd: prevent non-POSIX stat-opens of symlinks in open_file()

Browse Source 
Also adjust the test that checks for this.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Ralph Boehme
2020-10-01 14:40:33 +02:00
parent e6650c47cf
commit dab50f3953
2 changed files with 13 additions and 32 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
source3/smbd/open.c
View File

@ -1458,6 +1458,16 @@ static NTSTATUS open_file(files_struct *fsp,
return NT_STATUS_OBJECT_NAME_NOT_FOUND;
}
if (S_ISLNK(smb_fname->st.st_ex_mode) &&
!(fsp->posix_flags & FSP_POSIX_FLAGS_OPEN))
{
/*
* Don't allow stat opens on symlinks directly unless
* it's a POSIX open.
*/
return NT_STATUS_OBJECT_PATH_NOT_FOUND;
}
status = smbd_check_access_rights(conn,
conn->cwd_fsp,
smb_fname,

35
source3/torture/torture.c
View File

@ -8041,7 +8041,6 @@ static bool run_acl_symlink_test(int dummy)
char *posix_acl_sym = NULL;
size_t posix_acl_len_sym = 0;
struct security_descriptor *sd = NULL;
struct security_descriptor *sd_sym = NULL;
TALLOC_CTX *frame = NULL;
frame = talloc_stackframe();
@ -8146,7 +8145,7 @@ static bool run_acl_symlink_test(int dummy)
goto out;
}
/* Open a handle on the symlink. */
/* Try a stat-open on the symlink, should also fail. */
status = cli_ntcreate(cli,
sname,
0,
@ -8159,23 +8158,8 @@ static bool run_acl_symlink_test(int dummy)
&fnum,
NULL);
if (!NT_STATUS_IS_OK(status)) {
printf("cli_posix_open of %s failed (%s)\n",
sname,
nt_errstr(status));
goto out;
}
/* Get the Windows ACL on the symlink handle. Should fail */
status = cli_query_secdesc(cli,
fnum,
frame,
&sd_sym);
if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
printf("cli_query_secdesc on a symlink gave %s. "
"Should be NT_STATUS_ACCESS_DENIED.\n",
nt_errstr(status));
if (NT_STATUS_IS_OK(status)) {
printf("Stat-open of symlink succeeded (should fail)\n");
goto out;
}
@ -8193,19 +8177,6 @@ static bool run_acl_symlink_test(int dummy)
goto out;
}
/* Set the Windows ACL on the symlink handle. Should fail */
status = cli_set_security_descriptor(cli,
fnum,
SECINFO_DACL,
sd);
if (!NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
printf("cli_query_secdesc on a symlink gave %s. "
"Should be NT_STATUS_ACCESS_DENIED.\n",
nt_errstr(status));
goto out;
}
/* Set the POSIX ACL on the symlink pathname. Should fail. */
status = cli_posix_setacl(cli,
sname,