s3: smbd: Ensure change notifies can't get set unless the directory handle is open...

author Jeremy Allison <jra@samba.org>

Wed, 8 Jul 2020 01:25:23 +0000 (18:25 -0700)

committer Karolin Seeger <kseeger@samba.org>

Thu, 29 Oct 2020 11:47:35 +0000 (11:47 +0000)
author Jeremy Allison <jra@samba.org>
Wed, 8 Jul 2020 01:25:23 +0000 (18:25 -0700)
committer Karolin Seeger <kseeger@samba.org>
Thu, 29 Oct 2020 11:47:35 +0000 (11:47 +0000)
diff --git a/selftest/knownfail.d/smb2_notify_handle_permissions b/selftest/knownfail.d/smb2_notify_handle_permissions

deleted file mode 100644 (file)

index c0ec8fc..0000000
--- a/selftest/knownfail.d/smb2_notify_handle_permissions
+++ /dev/null
@@ -1,2 +0,0 @@
-^samba3.smb2.notify.handle-permissions
-
diff --git a/source3/smbd/notify.c b/source3/smbd/notify.c

index eb6317b7e8ab9856b103262d97fb41d70a896f15..5f18b5cf794c6e7b8062b5777577c969d391e792 100644 (file)
--- a/source3/smbd/notify.c
+++ b/source3/smbd/notify.c
@@ -289,6 +289,14 @@ NTSTATUS change_notify_create(struct files_struct *fsp,
         char fullpath[len+1];
         NTSTATUS status = NT_STATUS_NOT_IMPLEMENTED;
  
+       /*
+        * Setting a changenotify needs READ/LIST access
+        * on the directory handle.
+        */
+       if (!(fsp->access_mask & SEC_DIR_LIST)) {
+               return NT_STATUS_ACCESS_DENIED;
+       }
+
         if (fsp->notify != NULL) {
                 DEBUG(1, ("change_notify_create: fsp->notify != NULL, "
                           "fname = %s\n", fsp->fsp_name->base_name));
author	Jeremy Allison <jra@samba.org>
	Wed, 8 Jul 2020 01:25:23 +0000 (18:25 -0700)
committer	Karolin Seeger <kseeger@samba.org>
	Thu, 29 Oct 2020 11:47:35 +0000 (11:47 +0000)
selftest/knownfail.d/smb2_notify_handle_permissions	[deleted file]	patch \| blob \| history
source3/smbd/notify.c		patch \| blob \| history