|
 |
6729ff |
From 34d4e883146bccda53422fa50a35ab25ca880d2e Mon Sep 17 00:00:00 2001
|
|
|
6729ff |
From: Jeremy Allison <jra@samba.org>
|
|
|
6729ff |
Date: Mon, 17 Mar 2014 14:35:00 -0700
|
|
|
6729ff |
Subject: [PATCH] s3: smbd: Fileserving share access checks.
|
|
|
6729ff |
|
|
|
6729ff |
Git commit 86d1e1db8e2747e30c89627cda123fde1e84f579
|
|
|
6729ff |
fixed share_access not being reset between users,
|
|
|
6729ff |
by changing make_connection_snum() to call a common
|
|
|
6729ff |
function check_user_share_access() in the same way
|
|
|
6729ff |
that change_to_user() (which can be called on any
|
|
|
6729ff |
incoming packet) does.
|
|
|
6729ff |
|
|
|
6729ff |
Unfortunately that bugfix was incorrect and
|
|
|
6729ff |
broke "force user" and "force group" as it
|
|
|
6729ff |
called check_user_share_access() inside
|
|
|
6729ff |
make_connection_snum() using the conn->session_info
|
|
|
6729ff |
pointer instead of the vuser->session_info pointer.
|
|
|
6729ff |
|
|
|
6729ff |
conn->session_info represents the token to use
|
|
|
6729ff |
when actually accessing the file system, and so
|
|
|
6729ff |
is modified by force user and force group.
|
|
|
6729ff |
|
|
|
6729ff |
vuser->session_info represents the "pristine"
|
|
|
6729ff |
token of the user logging in, and is never modified
|
|
|
6729ff |
by force user and force group.
|
|
|
6729ff |
|
|
|
6729ff |
Samba 3.6.x checked the share access based on
|
|
|
6729ff |
the "pristine" token of the user logging in,
|
|
|
6729ff |
not the token modified by force user and force group.
|
|
|
6729ff |
This change restores the expected behavior.
|
|
|
6729ff |
|
|
|
6729ff |
Fixes bug #9878 - force user does not work as expected
|
|
|
6729ff |
|
|
|
6729ff |
https://bugzilla.samba.org/show_bug.cgi?id=9878
|
|
|
6729ff |
|
|
|
6729ff |
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
|
6729ff |
---
|
|
|
6729ff |
source3/smbd/service.c | 12 ++++++++++--
|
|
|
6729ff |
1 file changed, 10 insertions(+), 2 deletions(-)
|
|
|
6729ff |
|
|
|
6729ff |
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
|
|
|
6729ff |
index a7464f0..7d06551 100644
|
|
|
6729ff |
--- a/source3/smbd/service.c
|
|
|
6729ff |
+++ b/source3/smbd/service.c
|
|
|
6729ff |
@@ -614,11 +614,19 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
|
|
|
6729ff |
}
|
|
|
6729ff |
|
|
|
6729ff |
/*
|
|
|
6729ff |
- * Set up the share security descriptor
|
|
|
6729ff |
+ * Set up the share security descriptor.
|
|
|
6729ff |
+ * NOTE - we use the *INCOMING USER* session_info
|
|
|
6729ff |
+ * here, as does (indirectly) change_to_user(),
|
|
|
6729ff |
+ * which can be called on any incoming packet.
|
|
|
6729ff |
+ * This way we set up the share access based
|
|
|
6729ff |
+ * on the authenticated user, not the forced
|
|
|
6729ff |
+ * user. See bug:
|
|
|
6729ff |
+ *
|
|
|
6729ff |
+ * https://bugzilla.samba.org/show_bug.cgi?id=9878
|
|
|
6729ff |
*/
|
|
|
6729ff |
|
|
|
6729ff |
status = check_user_share_access(conn,
|
|
|
6729ff |
- conn->session_info,
|
|
|
6729ff |
+ vuser->session_info,
|
|
|
6729ff |
&conn->share_access,
|
|
|
6729ff |
&conn->read_only);
|
|
|
6729ff |
if (!NT_STATUS_IS_OK(status)) {
|
|
|
6729ff |
--
|
|
|
6729ff |
1.9.0.279.gdc9e3eb
|
|
|
6729ff |
|