mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
f9d7a930f0
This reproduces a race where one client creates a directory and other clients see it before the directory is fully setup including the correct permissions and similar things. We have a DENY ACE for SEC_DIR_ADD_FILE, which means that files can't be created. This is set on a base directory 'mkdir_visible'. Then we have a lot of async loops trying to create a file called 'mkdir_visible\dir\file_NR'. These loop as fast as possible expecting OBJECT_PATH_NOT_FOUND, because 'mkdir_visible\dir' is not there. Then we send a create for 'mkdir_visible\dir' and expect that to work. This should turn the 'mkdir_visible\dir\file_NR' loop into getting ACCESS_DENIED, because the DENY ACE for SEC_DIR_ADD_FILE should be inherited before 'mkdir_visible\dir' is visible to other clients. Because of the complex steps in mkdir_internal(), smbd allows the creation 'mkdir_visible\dir\file_NR', as 'mkdir_visible\dir' is already visible after the mkdirat(), before the DENY ACE is inherited. BUG: https://bugzilla.samba.org/show_bug.cgi?id=15693 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> |
||
---|---|---|
.. | ||
auth | ||
basic | ||
dfs | ||
dns | ||
drs | ||
gpo | ||
krb5 | ||
ldap | ||
ldb | ||
libnet | ||
libnetapi | ||
libsmbclient | ||
local | ||
man | ||
nbench | ||
nbt | ||
ndr | ||
ntp | ||
rap | ||
raw | ||
rpc | ||
smb2 | ||
tests | ||
unix | ||
vfs | ||
winbind | ||
gentest.c | ||
locktest.c | ||
masktest.c | ||
shell.c | ||
smbtorture.c | ||
smbtorture.h | ||
torture.c | ||
util_smb.c | ||
util.h | ||
wscript_build |