Add bool use_privs parameter to smbd_check_access_rights()

If this is set we should use it in preference to blindly assuming
root can do anything. Currently set to 'false' in (most) callers.

diff --git a/source3/smbd/dir.c b/source3/smbd/dir.c
index b212c38dd392b1042becad6e0d45e87b53c6d366..e12812e8da281debc87666baa18fdd640eecaca5 100644 (file)
--- a/source3/smbd/dir.c
+++ b/source3/smbd/dir.c
@@ -533,6 +533,7 @@ NTSTATUS dptr_create(connection_struct *conn,
                }
                status = smbd_check_access_rights(conn,
                                                smb_dname,
+                                               backup_intent,
                                                SEC_DIR_LIST);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;
@@ -1281,6 +1282,7 @@ static bool user_can_read_file(connection_struct *conn,
 
        return NT_STATUS_IS_OK(smbd_check_access_rights(conn,
                                smb_fname,
+                               false,
                                FILE_READ_DATA));
 }
 

diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 6ced6a625587798ffdadb1d92b75a1d88048e679..015679deb0bc2a625ce176a7d486861117bef0cb 100644 (file)
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -124,6 +124,7 @@ bool can_delete_file_in_directory(connection_struct *conn,
 
        ret = NT_STATUS_IS_OK(smbd_check_access_rights(conn,
                                smb_fname_parent,
+                               false,
                                FILE_DELETE_CHILD));
  out:
        TALLOC_FREE(dname);
@@ -140,6 +141,7 @@ bool can_write_to_file(connection_struct *conn,
 {
        return NT_STATUS_IS_OK(smbd_check_access_rights(conn,
                                smb_fname,
+                               false,
                                FILE_WRITE_DATA));
 }
 

diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 0da238679eb83be32a33b20c1b20bb8eb7751332..ccad07c6e9b44a8cf8dedcdb3b298f484361b1eb 100644 (file)
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -65,6 +65,7 @@ static bool parent_override_delete(connection_struct *conn,
 
 NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
                                const struct smb_filename *smb_fname,
+                               bool use_privs,
                                uint32_t access_mask)
 {
        /* Check if we have rights to open. */
@@ -84,7 +85,7 @@ NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
                return NT_STATUS_ACCESS_DENIED;
        }
 
-       if (get_current_uid(conn) == (uid_t)0) {
+       if (!use_privs && get_current_uid(conn) == (uid_t)0) {
                /* I'm sorry sir, I didn't know you were root... */
                DEBUG(10,("smbd_check_access_rights: root override "
                        "on %s. Granting 0x%x\n",
@@ -135,7 +136,7 @@ NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
         */
        status = se_file_access_check(sd,
                                get_current_nttok(conn),
-                               false,
+                               use_privs,
                                (access_mask & ~FILE_READ_ATTRIBUTES),
                                &rejected_mask);
 
@@ -745,6 +746,7 @@ static NTSTATUS open_file(files_struct *fsp,
                        if (file_existed) {
                                status = smbd_check_access_rights(conn,
                                                smb_fname,
+                                               false,
                                                access_mask);
                        } else if (local_flags & O_CREAT){
                                status = check_parent_access(conn,
@@ -836,6 +838,7 @@ static NTSTATUS open_file(files_struct *fsp,
 
                status = smbd_check_access_rights(conn,
                                smb_fname,
+                               false,
                                access_mask);
 
                if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND) &&
@@ -2308,7 +2311,9 @@ static NTSTATUS open_file_ntcreate(connection_struct *conn,
                        if (((can_access_mask & FILE_WRITE_DATA) &&
                                !CAN_WRITE(conn)) ||
                                !NT_STATUS_IS_OK(smbd_check_access_rights(conn,
-                                               smb_fname, can_access_mask))) {
+                                                       smb_fname,
+                                                       false,
+                                                       can_access_mask))) {
                                can_access = False;
                        }
 
@@ -3025,7 +3030,10 @@ static NTSTATUS open_directory(connection_struct *conn,
        }
 
        if (info == FILE_WAS_OPENED) {
-               status = smbd_check_access_rights(conn, smb_dname, access_mask);
+               status = smbd_check_access_rights(conn,
+                                               smb_dname,
+                                               false,
+                                               access_mask);
                if (!NT_STATUS_IS_OK(status)) {
                        DEBUG(10, ("open_directory: smbd_check_access_rights on "
                                "file %s failed with %s\n",

diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 5d6a2999735dd5a07acb2a0ecdef64438012f20d..a1cef16139b5dd201dfb072b0c103d4134699b3b 100644 (file)
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -598,6 +598,7 @@ void reply_nttranss(struct smb_request *req);
 
 NTSTATUS smbd_check_access_rights(struct connection_struct *conn,
                                const struct smb_filename *smb_fname,
+                               bool use_privs,
                                uint32_t access_mask);
 NTSTATUS fd_open(struct connection_struct *conn, files_struct *fsp,
                 int flags, mode_t mode);

diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c
index 2bc85bf55052921d873d37546ef198a30d5a4d55..d108ee6243fd225d7dc8e08e5fd998f51f07c953 100644 (file)
--- a/source3/smbd/trans2.c
+++ b/source3/smbd/trans2.c
@@ -67,6 +67,7 @@ NTSTATUS check_access(connection_struct *conn,
        } else {
                NTSTATUS status = smbd_check_access_rights(conn,
                                        smb_fname,
+                                       false,
                                        access_mask);
                if (!NT_STATUS_IS_OK(status)) {
                        return status;