even if we don't have access to read the ACL on the object. Fixes bug #8673 - NT ACL issue.
Different fix needed for 3.6.x.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Tue Dec 20 22:13:51 CET 2011 on sn-devel-104
NTSTATUS status;
struct security_descriptor *sd = NULL;
uint32_t rejected_share_access;
- uint32_t rejected_mask = 0;
+ uint32_t rejected_mask = access_mask;
rejected_share_access = access_mask & ~(conn->share_access);
"on %s: %s\n",
smb_fname_str_dbg(smb_fname),
nt_errstr(status)));
+
+ if (NT_STATUS_EQUAL(status, NT_STATUS_ACCESS_DENIED)) {
+ goto access_denied;
+ }
+
return status;
}
}
/* Here we know status == NT_STATUS_ACCESS_DENIED. */
+
+ access_denied:
+
if ((access_mask & FILE_WRITE_ATTRIBUTES) &&
(rejected_mask & FILE_WRITE_ATTRIBUTES) &&
(lp_map_readonly(SNUM(conn)) ||