sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-07 17:18:11 +03:00
Code
9559c00d06
samba-mirror/source3
History
Ralph Boehme 9559c00d06 smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD 
When inherting permissions on the created stream, we call into the VFS to fetch
the streams security descriptor via inherit_access_posix_acl() ->
copy_access_posix_acl() -> SMB_VFS_SYS_ACL_SET_FD() passing the stream fsp which
triggers the assert SMB_ASSERT(!fsp_is_alternate_stream(fsp)) in
vfswrap_sys_acl_set_fd() in vfs_default.

Just passing the base fsp to the VFS fixes this.

vfs_streams_depot which *does use* distinct backend filesystem files for the
streams, currently does not apply permissions to the stream files at all, so the
incomplete behaviour of vfs_streams_depot is not affected by this change.

If in the future someone want to fix this defficiency in vfs_streams_depot, the
module code can use fsp->stream_fsp to base decisions in VFS ops whether the
module should carry out some action.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15695

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Mon Sep  2 08:55:28 UTC 2024 on atb-devel-224

(cherry picked from commit ecb8a99a2c)

Autobuild-User(v4-20-test): Jule Anger <janger@samba.org>
Autobuild-Date(v4-20-test): Fri Sep  6 15:26:57 UTC 2024 on atb-devel-224
2024-09-06 15:26:57 +00:00
..
auth Revert "token_util.c: prefer capabilities over become_root" 2024-03-27 16:51:00 +00:00
build
client s3/libsmb: reuse smbXcli_conn_have_posix() 2023-10-26 15:29:29 +00:00
exports
groupdb s3:groupdb: Add missing newline to logging message 2023-08-08 04:39:38 +00:00
include s3:include: split out fstring.h 2024-05-30 09:47:15 +00:00
intl
lib s3:lib:util_tdb: use NUMERIC_CMP() in tdb_data_cmp() 2024-06-10 13:24:16 +00:00
libads s3:libads: Do not fail if we don't get an IP passed down 2024-06-05 13:55:28 +00:00
libgpo/gpext
libnet s3:libnet: Remove always‐false comparison (CID 241309) 2023-10-13 02:18:31 +00:00
librpc s3:crypto/gse: implement channel binding support 2024-07-09 09:54:15 +00:00
libsmb s3:libsmb:nmblib: use NUMERIC_CMP in status_compare 2024-06-10 13:24:16 +00:00
locale s3:utils: Fix code spelling 2023-08-08 04:39:38 +00:00
locking s3:brlock: use NUMERIC_CMP in #ifdef-zeroed lock_compare 2024-06-10 13:24:16 +00:00
modules vfs_ceph_new: handle case of readlinkat with empty name string 2024-09-02 13:41:57 +00:00
nmbd s3:libsmb/unexpected: pass nmbd_socket_dir from the callers of nb_packet_{server_create,reader_send}() 2024-05-30 09:47:16 +00:00
param s3:param: Remove unnecessary use of discard_const_p() 2023-12-21 20:21:34 +00:00
passdb s3:passdb: Fix memory leak caused by recursion of get_global_sam_sid() 2024-01-23 14:30:58 +00:00
printing s3:printing: Allow to run samba-bgqd as a standalone systemd service 2024-07-23 08:56:24 +00:00
profile profile: Fix rusage reporting 2023-12-19 16:05:36 +00:00
registry libcli/security: Rename dup_nt_token() -> security_token_duplicate() 2023-09-26 23:45:36 +00:00
rpc_client s3/rpc_client: Fix array offset check 2024-02-26 10:37:37 +00:00
rpc_server s3:rpc_server/mdssvc: make use of tstream_tls_params_client_lpcfg() 2024-07-09 09:54:15 +00:00
rpcclient s3:rpcclient: Use dcerpc_lsa_open_policy_fallback() in cmd_lsarpc.c 2023-11-21 11:16:37 +00:00
script test_recycle.sh: make sure we don't see panics on the log files 2024-06-19 13:00:11 +00:00
selftest smbtorture: test creating stream doesn't crash when using "inherit permissions = yes" 2024-09-06 14:04:09 +00:00
services s3:services: Disable rcinit-based service control code 2021-12-10 14:02:30 +00:00
smbd smbd: use metadata_fsp(fsp) in copy_access_posix_acl() for SMB_VFS_SYS_ACL_SET_FD 2024-09-06 15:26:57 +00:00
torture smbd: Give source3/smbd/dir.c its own header file 2023-12-19 16:05:36 +00:00
utils s3:ntlm_auth: make logs more consistent with length check 2024-08-14 16:10:42 +00:00
web
winbindd s3:winbind: Fix idmap_ad creating an invalid local krb5.conf 2024-06-05 15:01:54 +00:00
.clang_complete
.dmallocrc
.indent.pro
Doxyfile
mainpage.dox
smbadduser.in
wscript vfs_ceph_new: next iteration of samba-to-cephfs bridge 2024-08-20 11:36:13 +00:00
wscript_build s3:wscript: LIBNMB requires lp_ functions 2024-05-30 09:47:16 +00:00
wscript_configure_system_ncurses