git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
7f893ff
)
CVE-2015-7560: s3: smbd: Refuse to set an ACL from a POSIX file handle on a symlink.
author
Jeremy Allison
<jra@samba.org>
Tue, 5 Jan 2016 18:52:50 +0000
(10:52 -0800)
committer
Karolin Seeger
<kseeger@samba.org>
Wed, 24 Feb 2016 10:38:52 +0000
(11:38 +0100)
BUG: https://bugzilla.samba.org/show_bug.cgi?id=11648
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
source3/smbd/nttrans.c
patch
|
blob
|
history
diff --git
a/source3/smbd/nttrans.c
b/source3/smbd/nttrans.c
index 5a6a784b16d2f341d7fc0a2ac9289f6e7e47b2bd..8d887a30076e37103c20b9146169fd985bcf453c 100644
(file)
--- a/
source3/smbd/nttrans.c
+++ b/
source3/smbd/nttrans.c
@@
-882,6
+882,12
@@
NTSTATUS set_sd(files_struct *fsp, struct security_descriptor *psd,
return NT_STATUS_OK;
}
+ if (S_ISLNK(fsp->fsp_name->st.st_ex_mode)) {
+ DEBUG(10, ("ACL set on symlink %s denied.\n",
+ fsp_str_dbg(fsp)));
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if (psd->owner_sid == NULL) {
security_info_sent &= ~SECINFO_OWNER;
}