sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code
c54fcb7cbd
samba-mirror/source3/smbd
History
Ralph Boehme c54fcb7cbd s3/smbd: handle EACCES when fetching DOS attributes from xattr 
When trying to fetch the DOS attributes xattr via SMB_VFS_GETXATTR() if
the filesystem doesn't grant read access to the file the xattr read
request fails with EACCESS.

But according to MS-FSA 2.1.5.1.2.1 "Algorithm to Check Access to an
Existing File" FILE_LIST_DIRECTORY on a directory implies
FILE_READ_ATTRIBUTES for directory entries.

So if the user can open the parent directory for reading this implies
FILE_LIST_DIRECTORY and we can safely call SMB_VFS_GETXATTR() as root,
ensuring we can read the DOS attributes xattr.

Bug: https://bugzilla.samba.org/show_bug.cgi?id=12944

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
2017-08-08 21:23:10 +02:00
..
notifyd ctdb_conn: Use messaging_ctdb_connection 2017-07-25 17:43:18 +02:00
aio.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00
avahi_register.c s3: smbd: Modernize Avahi DEBUG macros and long if statements 2017-07-27 17:12:28 +02:00
blocking.c dlist: remove unneeded type argument from DLIST_ADD_END() 2016-02-06 21:48:17 +01:00
close.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
conn_idle.c
conn_msg.c
conn.c
connection.c
dfree.c s3: VFS: Change SMB_VFS_DISK_FREE to use const struct smb_filename * instead of const char *. 2017-06-18 02:49:24 +02:00
dir.c S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack. 2017-07-01 03:07:11 +02:00
dmapi.c Convert all uses of uint8/16/32 to _t in source3/smbd. 2015-05-06 04:14:14 +02:00
dnsregister.c
dosmode.c s3/smbd: handle EACCES when fetching DOS attributes from xattr 2017-08-08 21:23:10 +02:00
durable.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
error.c Convert all uses of uint8/16/32 to _t in source3/smbd. 2015-05-06 04:14:14 +02:00
fake_file.c Convert three include files from uint32/16/8 to _t types as well as the source that includes them. 2015-05-01 19:15:10 +02:00
file_access.c s3: Filenames: Add uint32_t flags parameter to synthetic_smb_fname(). 2016-03-24 22:57:16 +01:00
fileio.c smbd: Fix line length & whitespace in write_file 2016-02-23 22:03:16 +01:00
filename.c S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack. 2017-07-01 03:07:11 +02:00
files.c s3: smbd: When deleting an fsp pointer ensure we don't keep any references to it around. 2017-06-22 00:12:49 +02:00
globals.c printing: use housekeeping period that matches cache time 2016-04-19 09:37:14 +02:00
globals.h s3/smbd: enable processing SMB2 requests async internally 2017-04-18 22:54:16 +02:00
ipc.c Convert all uses of uint8/16/32 to _t in source3/smbd. 2015-05-06 04:14:14 +02:00
lanman.c s3:smbd: consistently use talloc_tos() memory for rpc_pipe_open_interface() 2017-07-10 23:22:10 +02:00
mangle_hash2.c lib/util: move memcache.[ch] to the toplevel 'samba-util' library 2014-07-18 15:43:33 +02:00
mangle_hash.c smbd: Convert valid.dat to C code 2015-03-24 00:00:20 +01:00
mangle.c s3/smbd: convert "mangled names" option to an enum 2017-01-09 19:31:20 +01:00
message.c Update smbrun to allow for settings environment variables. 2016-10-13 04:26:26 +02:00
msdfs.c s3: VFS: Change SMB_VFS_GETWD to return struct smb_filename * instead of char *. 2017-07-01 03:07:11 +02:00
negprot.c auth: Always supply both the remote and local address to the auth subsystem 2017-03-29 02:37:26 +02:00
notify_fam.c smbd: Allow passing notify filter from inotify and fam 2016-07-18 15:14:11 +02:00
notify_inotify.c s3: smbd: inotify_map_mask_to_filter incorrectly indexes an array. 2017-04-28 03:18:23 +02:00
notify_msg.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
notify.c smbd: Re-register notify requests 2016-07-20 05:21:07 +02:00
ntquotas.c s3: VFS: Change SMB_VFS_GET_QUOTA to use const struct smb_filename * instead of const char *. 2017-06-18 02:49:25 +02:00
nttrans.c s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert(). 2017-05-22 18:41:16 +02:00
open.c s3/smbd: let non_widelink_open() chdir() to directories directly 2017-07-07 20:11:22 +02:00
oplock_irix.c
oplock_linux.c
oplock.c s3/smbd: fix exclusive lease optimisation 2017-05-28 14:50:18 +02:00
password.c
perfcount.c lib:util: Make probing of modules more secure 2017-06-06 18:36:07 +02:00
pipes.c rpc_server: Re-order and rename remote and local address in np_open() 2017-03-29 02:37:29 +02:00
posix_acls.c s3: VFS: Change SMB_VFS_GETXATTR to use const struct smb_filename * instead of const char *. 2017-06-01 02:58:53 +02:00
process.c ctdb_conn: Use messaging_ctdb_connection 2017-07-25 17:43:18 +02:00
proto.h S3: smbd: Finish plumbing struct smb_filename * through the check_name() stack. 2017-07-01 03:07:11 +02:00
pysmbd.c s3: VFS: Change SMB_VFS_SYS_ACL_SET_FILE to use const struct smb_filename * instead of const char *. 2017-05-31 22:50:22 +02:00
quotas.c s3: VFS: Change SMB_VFS_GET_QUOTA to use const struct smb_filename * instead of const char *. 2017-06-18 02:49:25 +02:00
reply.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00
scavenger.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
scavenger.h
seal.c auth: Always supply both the remote and local address to the auth subsystem 2017-03-29 02:37:26 +02:00
sec_ctx.c s3:smbd: Fix incorrect use of sys_getgroups() 2017-04-18 15:43:02 +02:00
server_exit.c s3: clients: Use netlogon_creds_cli_close_global_db() in all normal exit paths. 2017-07-26 21:35:22 +02:00
server_reload.c s3:smbd: use lp_load_with_shares() in reload_services(). 2015-04-22 13:57:29 +02:00
server.c ctdb_conn: Use messaging_ctdb_connection 2017-07-25 17:43:18 +02:00
service.c s3: VFS: Change SMB_VFS_REALPATH to take and return struct smb_filename * instead of char *. 2017-07-01 03:07:11 +02:00
session.c
sesssetup.c s3:smbd: call auth_check_password_session_info() only in one central place 2017-06-26 08:47:15 +02:00
share_access.c smbd: remove redundant comment (with typo) from token_contains_name() 2016-08-04 18:26:07 +02:00
signing.c s3:smbd: move sconn->smb1.signing_state to xconn->smb1.signing_state 2014-08-06 09:51:11 +02:00
smb2_break.c smbXsrv: rename smb2srv_session_lookup -> smb2srv_session_lookup_conn 2015-07-29 18:26:07 +02:00
smb2_close.c smbd:smb2_close: remove an irritating blank line 2016-01-22 01:55:09 +01:00
smb2_create.c s3:smb2_create: remove unused timer pointer from smbd_smb2_create_state 2017-06-27 16:57:47 +02:00
smb2_flush.c s3/vfs: wrap async io function args inside struct vfs_aio_state 2016-03-02 01:22:13 +01:00
smb2_getinfo.c s3:smbd: mask security_information input values with SMB_SUPPORTED_SECINFO_FLAGS 2014-08-22 00:28:08 +02:00
smb2_glue.c s3/smbd: remove flags2 FLAGS2_READ_PERMIT_EXECUTE hack in the SMB2 code 2017-07-03 19:59:08 +02:00
smb2_ioctl_dfs.c s3/smbd: allow GET_DFS_REFERRAL fsctl on any smb2 connexion 2017-02-25 02:38:28 +01:00
smb2_ioctl_filesys.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00
smb2_ioctl_named_pipe.c
smb2_ioctl_network_fs.c s3/smbd: remove unneeded flags argument from SMB_VFS_OFFLOAD_WRITE_SEND 2017-07-03 19:59:08 +02:00
smb2_ioctl_private.h
smb2_ioctl.c s3:smb2_server: pass smbXsrv_connection to smbd_server_connection_terminate*() 2014-08-06 09:51:13 +02:00
smb2_keepalive.c
smb2_lock.c smbd: Fix CID 1273096 Dereference before null check 2015-06-23 22:12:09 +02:00
smb2_negprot.c s3/smbd: ensure global "smb encrypt = off" is effective for SMB 3.1.1 clients 2017-01-27 22:00:17 +01:00
smb2_notify.c s3:smb2_server: use async smbprofile macros 2014-11-19 20:51:37 +01:00
smb2_query_directory.c s3: smbd: We can now remove the 'bool dfs_path' parameter from filename_convert(). 2017-05-22 18:41:16 +02:00
smb2_read.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00
smb2_server.c s3/smbd: enable processing SMB2 requests async internally 2017-04-18 22:54:16 +02:00
smb2_sesssetup.c s3:smb2_sesssetup: allow a compound request after a SessionSetup 2017-06-17 10:55:25 +02:00
smb2_setinfo.c smbd: Convert locking.tdb to new dbwrap_watch 2016-07-15 16:56:13 +02:00
smb2_tcon.c s3:smb2_tcon: allow a compound request after a TreeConnect 2017-06-17 06:39:20 +02:00
smb2_write.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00
smbd_cleanupd.c s3/smbd: remove a misleading error message 2016-09-16 16:43:16 +02:00
smbd_cleanupd.h smbd: Implement a cleanup daemon 2015-11-16 14:51:33 +01:00
smbd.h s3: smbd: Add UCF_GMT_PATHNAME, which represents FLAGS2_REPARSE_PATH. 2017-05-22 18:41:16 +02:00
smbXsrv_client.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
smbXsrv_open.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
smbXsrv_session.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
smbXsrv_tcon.c lib: Add lib/util/server_id.h 2017-01-22 18:30:11 +01:00
smbXsrv_version.c smbXsrv: don't leak lock_path onto talloc tos 2014-11-03 23:46:05 +01:00
srvstr.c Convert all uses of uint8/16/32 to _t in source3/smbd. 2015-05-06 04:14:14 +02:00
statcache.c lib: Move "message_send_all" to serverid.c 2016-07-28 05:00:19 +02:00
statvfs.c s3/statvfs: expose FILE_SUPPORTS_SPARSE_FILES capability 2015-03-09 21:27:07 +01:00
trans2.c s3: VFS: Change SMB_VFS_SYMLINK to use const struct smb_filename * instead of const char *. 2017-06-18 07:03:18 +02:00
uid.c smbd: Change logging level for denied share access 2014-07-31 01:17:30 +02:00
utmp.c
vfs.c s3/vfs: rename SMB_VFS_STRICT_LOCK to SMB_VFS_STRICT_LOCK_CHECK 2017-07-11 03:37:44 +02:00