sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00
Code
3cab9f6a34
samba-mirror/source3/script
History
Ralph Boehme 3e6566222c CI: add a test trying to delete a stream on a pathref ("stat open") handle 
When using vfs_streams_xattr, for a pathref handle of a stream the system fd
will be a fake fd created by pipe() in vfs_fake_fd().

For the following callchain we wrongly pass a stream fsp to
SMB_VFS_FGET_NT_ACL():

SMB_VFS_CREATE_FILE(..., "file:stream", ...)
=> open_file():
   if (open_fd):
   -> taking the else branch:
   -> smbd_check_access_rights_fsp(stream_fsp)
      -> SMB_VFS_FGET_NT_ACL(stream_fsp)

This is obviously wrong and can lead to strange permission errors when using
vfs_acl_xattr:

in vfs_acl_xattr we will try to read the stored ACL by calling
fgetxattr(fake-fd) which of course faild with EBADF. Now unfortunately the
vfs_acl_xattr code ignores the specific error and handles this as if there was
no ACL stored and subsequently runs the code to synthesize a default ACL
according to the setting of "acl:default acl style".

As the correct access check for streams has already been carried out by calling
check_base_file_access() from create_file_unixpath(), the above problem is not
a security issue: it can only lead to "decreased" permissions resulting in
unexpected ACCESS_DENIED errors.

The fix is obviously going to be calling
smbd_check_access_rights_fsp(stream_fsp->base_fsp).

This test verifies that deleting a file works when the stored NT ACL grants
DELETE_FILE while the basic POSIX permissions (used in the acl_xattr fallback
code) do not.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15126
MR: https://gitlab.com/samba-team/samba/-/merge_requests/2643

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
(cherry picked from commit 23bc760ec5)
2022-09-06 07:54:13 +00:00
..
tests CI: add a test trying to delete a stream on a pathref ("stat open") handle 2022-09-06 07:54:13 +00:00
count_80_col.pl
creategroup
fix_bool.pl
format_indent.sh
makeunicodecasemap.awk
mknissmbpasswd.sh
mknissmbpwdtbl.sh
mksmbpasswd.sh
mksyms.awk
mksyms.sh
scancvslog.pl
smbaddshare Remove some bashisms from the test scripts 2018-02-19 07:36:23 +01:00
smbchangeshare Remove some bashisms from the test scripts 2018-02-19 07:36:23 +01:00
smbdeleteshare Remove some bashisms from the test scripts 2018-02-19 07:36:23 +01:00
smbtar smbtar: adopt for new tar verbose option 2020-01-14 19:17:29 +00:00
strip_trail_ws.pl
updatesmbpasswd.sh
wscript_build s3:script: Remove findsmb from default installation 2021-04-19 14:37:04 +00:00