| commit | 6d79f2553419d411b7a73187945a63b0dc168be6 | |
| author | Jeremy Allison <jra@samba.org> | |
| Fri, 8 Jan 2010 18:17:46 +0000 (8 10:17 -0800) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Mon, 25 Jan 2010 09:59:23 +0000 (25 10:59 +0100) | ||
| tree | 2420bda3f0f59426d67c21e55ea865d0b4201051 | treesnapshot (tar.gz zip) |
| parent | e685d4380741cfba55f1449c308b492fcf5e48d1 | commitdiff |
Re-fix bug 5202 - cannot change ACLs on writable file with "dos filemode=yes"
This bug re-occurred for 3.3.x and above.
The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.
Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.
Jeremy.
(cherry picked from commit d7713d11a6dc2d66c820d7496bc45eb5fe527fbf)
(cherry picked from commit e687a20d60144af2cb459231fb6a699f2533ce9d)
This bug re-occurred for 3.3.x and above.
The reason is that to change a NT ACL we now have to open the file requesting
WRITE_DAC and WRITE_OWNER access. The mapping from POSIX "w" to NT permissions
in posix_acls doesn't add these bits when "dos filemode = yes", so even though
the permission or owner change would be allowed by the POSIX ACL code, the
NTCreateX call fails with ACCESS_DENIED now we always check NT permissions
first.
Added in the mapping from "w" to WRITE_DAC and WRITE_OWNER access.
Jeremy.
(cherry picked from commit d7713d11a6dc2d66c820d7496bc45eb5fe527fbf)
(cherry picked from commit e687a20d60144af2cb459231fb6a699f2533ce9d)
| source3/smbd/posix_acls.c | diffblobblamehistory |