Author: tridge Date: 2004-12-21 11:44:32 +0000 (Tue, 21 Dec 2004) New Revision: 4314
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4314 Log: added ACL checking on unlink Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_rename.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_setfileinfo.c branches/SAMBA_4_0/source/ntvfs/posix/pvfs_unlink.c Changeset: Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c =================================================================== --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c 2004-12-21 11:43:46 UTC (rev 4313) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_acl.c 2004-12-21 11:44:32 UTC (rev 4314) @@ -390,3 +390,16 @@ return status; } + + +/* + a simplified interface to access check, designed for calls that + do not take or return an access check mask +*/ +NTSTATUS pvfs_access_check_simple(struct pvfs_state *pvfs, + struct smbsrv_request *req, + struct pvfs_filename *name, + uint32_t access_needed) +{ + return pvfs_access_check(pvfs, req, name, &access_needed); +} Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c =================================================================== --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c 2004-12-21 11:43:46 UTC (rev 4313) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_open.c 2004-12-21 11:44:32 UTC (rev 4314) @@ -1211,7 +1211,9 @@ determine if a file can be deleted, or if it is prevented by an already open file */ -NTSTATUS pvfs_can_delete(struct pvfs_state *pvfs, struct pvfs_filename *name) +NTSTATUS pvfs_can_delete(struct pvfs_state *pvfs, + struct smbsrv_request *req, + struct pvfs_filename *name) { NTSTATUS status; DATA_BLOB key; @@ -1228,6 +1230,10 @@ NTCREATEX_OPTIONS_DELETE_ON_CLOSE, SEC_STD_DELETE); + if (NT_STATUS_IS_OK(status)) { + status = pvfs_access_check_simple(pvfs, req, name, SEC_STD_DELETE); + } + return status; } Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_rename.c =================================================================== --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_rename.c 2004-12-21 11:43:46 UTC (rev 4313) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_rename.c 2004-12-21 11:44:32 UTC (rev 4314) @@ -162,7 +162,7 @@ status = pvfs_resolve_partial(pvfs, mem_ctx, dir_path, fname2, &name2); if (NT_STATUS_IS_OK(status)) { - status = pvfs_can_delete(pvfs, name2); + status = pvfs_can_delete(pvfs, req, name2); if (!NT_STATUS_IS_OK(status)) { talloc_free(mem_ctx); return status; Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_setfileinfo.c =================================================================== --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_setfileinfo.c 2004-12-21 11:43:46 UTC (rev 4313) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_setfileinfo.c 2004-12-21 11:44:32 UTC (rev 4314) @@ -91,7 +91,7 @@ return NT_STATUS_OBJECT_NAME_COLLISION; } - status = pvfs_can_delete(pvfs, name2); + status = pvfs_can_delete(pvfs, req, name2); if (NT_STATUS_EQUAL(status, NT_STATUS_SHARING_VIOLATION)) { return NT_STATUS_ACCESS_DENIED; } Modified: branches/SAMBA_4_0/source/ntvfs/posix/pvfs_unlink.c =================================================================== --- branches/SAMBA_4_0/source/ntvfs/posix/pvfs_unlink.c 2004-12-21 11:43:46 UTC (rev 4313) +++ branches/SAMBA_4_0/source/ntvfs/posix/pvfs_unlink.c 2004-12-21 11:44:32 UTC (rev 4314) @@ -27,7 +27,9 @@ /* unlink a stream */ -static NTSTATUS pvfs_unlink_stream(struct pvfs_state *pvfs, struct pvfs_filename *name, +static NTSTATUS pvfs_unlink_stream(struct pvfs_state *pvfs, + struct smbsrv_request *req, + struct pvfs_filename *name, uint16_t attrib) { NTSTATUS status; @@ -42,7 +44,7 @@ return status; } - status = pvfs_can_delete(pvfs, name); + status = pvfs_can_delete(pvfs, req, name); if (!NT_STATUS_IS_OK(status)) { return status; } @@ -54,7 +56,8 @@ /* unlink one file */ -static NTSTATUS pvfs_unlink_one(struct pvfs_state *pvfs, TALLOC_CTX *mem_ctx, +static NTSTATUS pvfs_unlink_one(struct pvfs_state *pvfs, + struct smbsrv_request *req, const char *unix_path, const char *fname, uint32_t attrib) { @@ -62,7 +65,7 @@ NTSTATUS status; /* get a pvfs_filename object */ - status = pvfs_resolve_partial(pvfs, mem_ctx, + status = pvfs_resolve_partial(pvfs, req, unix_path, fname, &name); if (!NT_STATUS_IS_OK(status)) { return status; @@ -75,7 +78,7 @@ return status; } - status = pvfs_can_delete(pvfs, name); + status = pvfs_can_delete(pvfs, req, name); if (!NT_STATUS_IS_OK(status)) { talloc_free(name); return status; @@ -133,7 +136,7 @@ } if (name->stream_name) { - return pvfs_unlink_stream(pvfs, name, unl->in.attrib); + return pvfs_unlink_stream(pvfs, req, name, unl->in.attrib); } /* get list of matching files */