Ensure we don't return an incorrect access mask.

From the Microsoft test suite @ Connectathon:

Test Case: TestSuite_ScenarioNo009GrantedAccessTestS0
    File created with access = 0x7 (Read, Write, Delete)
    Query Info on file returns 0x87 (Read, Write, Delete, Read Attributes)

Jeremy.

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index d66f9bae170b7507307d3fac97b1066aa9c83aa0..7735301c22b466d2366788472fcab30bf871a782 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2261,8 +2261,9 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
 
        /*
         * According to Samba4, SEC_FILE_READ_ATTRIBUTE is always granted,
+        * but we don't have to store this - just ignore it on access check.
         */
-       fsp->access_mask = access_mask | FILE_READ_ATTRIBUTES;
+       fsp->access_mask = access_mask;
 
        if (file_existed) {
                /* stat opens on existing files don't get oplocks. */