git.samba.org / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4143aa8)
r17295: Back out the become_root_uid_only change on the POSIX
authorJeremy Allison <jra@samba.org>
Fri, 28 Jul 2006 23:09:12 +0000 (23:09 +0000)
committerGerald (Jerry) Carter <jerry@samba.org>
Wed, 10 Oct 2007 16:38:24 +0000 (11:38 -0500)
acls code. I'm pretty sure this was safe, but become_root()
does other things to the token stack that become_root_uid_only()
does not, and as we're going into a vfs redirectred function
I decided it wasn't safe for now.
Jeremy.

source/smbd/posix_acls.c patch | blob | history
source/smbd/uid.c patch | blob | history

diff --git a/source/smbd/posix_acls.c b/source/smbd/posix_acls.c
index f2ed2778f2ff149bc65668b0052dff28cf9008fe..3ea442f818f9e8a297e88a275fce79ed6cdc32aa 100644 (file)
--- a/source/smbd/posix_acls.c
+++ b/source/smbd/posix_acls.c
@@ -2458,9 +2458,9 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
                                DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
                                        fsp->fsp_name ));
 
-                               become_root_uid_only();
+                               become_root();
                                sret = SMB_VFS_SYS_ACL_SET_FILE(conn, fsp->fsp_name, the_acl_type, the_acl);
-                               unbecome_root_uid_only();
+                               unbecome_root();
                                if (sret == 0) {
                                        ret = True;     
                                }
@@ -2489,9 +2489,9 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
                                DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
                                        fsp->fsp_name ));
 
-                               become_root_uid_only();
+                               become_root();
                                sret = SMB_VFS_SYS_ACL_SET_FD(fsp, fsp->fh->fd, the_acl);
-                               unbecome_root_uid_only();
+                               unbecome_root();
                                if (sret == 0) {
                                        ret = True;
                                }
@@ -3018,10 +3018,10 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_
                /* Case (3) */
                     ( has_restore_priv ) ) {
 
-                       become_root_uid_only();
+                       become_root();
                        /* Keep the current file gid the same - take ownership doesn't imply group change. */
                        ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1);
-                       unbecome_root_uid_only();
+                       unbecome_root();
                        return ret;
                }
        }
@@ -3045,10 +3045,10 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_
        */
        uid = current_user.ut.uid;
 
-       become_root_uid_only();
+       become_root();
        /* Keep the current file gid the same. */
        ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, uid, (gid_t)-1);
-       unbecome_root_uid_only();
+       unbecome_root();
 
        close_file_fchmod(fsp);
 
@@ -3226,9 +3226,9 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
                                                                "current user in file %s primary group. Override delete_def_acl\n",
                                                                fsp->fsp_name ));
 
-                                                       become_root_uid_only();
+                                                       become_root();
                                                        sret = SMB_VFS_SYS_ACL_DELETE_DEF_FILE(conn, fsp->fsp_name);
-                                                       unbecome_root_uid_only();
+                                                       unbecome_root();
                                                }
 
                                                if (sret == -1) {
@@ -3273,9 +3273,9 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
                                                                "current user in file %s primary group. Override chmod\n",
                                                                fsp->fsp_name ));
 
-                                                       become_root_uid_only();
+                                                       become_root();
                                                        sret = SMB_VFS_CHMOD(conn,fsp->fsp_name, posix_perms);
-                                                       unbecome_root_uid_only();
+                                                       unbecome_root();
                                                }
 
                                                if (sret == -1) {
diff --git a/source/smbd/uid.c b/source/smbd/uid.c
index 89d082e1aca6c04f557057b64e282ed79d32bdf4..85885803222f66d66a067a8cc094f8db3260d0bb 100644 (file)
--- a/source/smbd/uid.c
+++ b/source/smbd/uid.c
@@ -420,4 +420,3 @@ BOOL unbecome_user(void)
        pop_conn_ctx();
        return True;
 }
-
Samba Shared Repository