CVE-2015-7560: s3: smbd: Refuse to set an ACL from a POSIX file handle on a symlink.

author Jeremy Allison <jra@samba.org>

Tue, 5 Jan 2016 18:52:50 +0000 (10:52 -0800)

committer Karolin Seeger <kseeger@samba.org>

Wed, 24 Feb 2016 10:38:52 +0000 (11:38 +0100)
author Jeremy Allison <jra@samba.org>
Tue, 5 Jan 2016 18:52:50 +0000 (10:52 -0800)
committer Karolin Seeger <kseeger@samba.org>
Wed, 24 Feb 2016 10:38:52 +0000 (11:38 +0100)
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c

index 5a6a784b16d2f341d7fc0a2ac9289f6e7e47b2bd..8d887a30076e37103c20b9146169fd985bcf453c 100644 (file)
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -882,6 +882,12 @@ NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
                 return NT_STATUS_OK;
         }
  
+       if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
+               DEBUG(10, ("ACL set on symlink %s denied.\n",
+                       fsp_str_dbg(fsp)));
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
         if (psd->owner_sid == NULL) {
                 security_info_sent &= ~SECINFO_OWNER;
         }
author	Jeremy Allison <jra@samba.org>
	Tue, 5 Jan 2016 18:52:50 +0000 (10:52 -0800)
committer	Karolin Seeger <kseeger@samba.org>
	Wed, 24 Feb 2016 10:38:52 +0000 (11:38 +0100)