From 0666093cb0d820cc27a265c1f0a87bc76cd3c167 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Fri, 6 Oct 2017 15:25:54 +0200 Subject: [PATCH] vfs_fake_acls: deny give-ownership Windows doesn't allow giving ownership away unless the user has SEC_PRIV_RESTORE privilege. This follows from MS-FSA 2.1.5.1, so it's a property of the filesystem layer, not the SMB layer. By implementing this restriction here, we can now have test for this restriction. Other filesystems may want to deliberately allow this behaviour -- although I'm not aware of any that does -- therefor I'm putting in this restriction in the implementation of the chmod VFS function and not into the caller. Bug: https://bugzilla.samba.org/show_bug.cgi?id=7933 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison --- .../knownfail.d/samba3.blackbox.give_owner | 1 - source3/modules/vfs_fake_acls.c | 18 ++++++++++++++++++ 2 files changed, 18 insertions(+), 1 deletion(-) delete mode 100644 selftest/knownfail.d/samba3.blackbox.give_owner diff --git a/selftest/knownfail.d/samba3.blackbox.give_owner b/selftest/knownfail.d/samba3.blackbox.give_owner deleted file mode 100644 index 28fc0c03236..00000000000 --- a/selftest/knownfail.d/samba3.blackbox.give_owner +++ /dev/null @@ -1 +0,0 @@ -samba3.blackbox.give_owner.give owner without SeRestorePrivilege\(fileserver\) diff --git a/source3/modules/vfs_fake_acls.c b/source3/modules/vfs_fake_acls.c index 7de5cf00bd6..0f539d1f29c 100644 --- a/source3/modules/vfs_fake_acls.c +++ b/source3/modules/vfs_fake_acls.c @@ -413,6 +413,12 @@ static int fake_acls_chown(vfs_handle_struct *handle, int ret; uint8_t id_buf[4]; if (uid != -1) { + uid_t current_uid = get_current_uid(handle->conn); + + if (current_uid != 0 && current_uid != uid) { + return EACCES; + } + SIVAL(id_buf, 0, uid); ret = SMB_VFS_NEXT_SETXATTR(handle, smb_fname, @@ -447,6 +453,12 @@ static int fake_acls_lchown(vfs_handle_struct *handle, int ret; uint8_t id_buf[4]; if (uid != -1) { + uid_t current_uid = get_current_uid(handle->conn); + + if (current_uid != 0 && current_uid != uid) { + return EACCES; + } + /* This isn't quite right (calling setxattr not * lsetxattr), but for the test purposes of this * module (fake NT ACLs from windows clients), it is @@ -486,6 +498,12 @@ static int fake_acls_fchown(vfs_handle_struct *handle, files_struct *fsp, uid_t int ret; uint8_t id_buf[4]; if (uid != -1) { + uid_t current_uid = get_current_uid(handle->conn); + + if (current_uid != 0 && current_uid != uid) { + return EACCES; + } + SIVAL(id_buf, 0, uid); ret = SMB_VFS_NEXT_FSETXATTR(handle, fsp, FAKE_UID, id_buf, sizeof(id_buf), 0); if (ret != 0) { -- 2.34.1