The branch, v3-5-test has been updated via 8395c1d... s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWED via 4e3ea9e... idl: added bit definition for privilege masks from 218d588... Fix valgrind memory leak in bug #6814 - Fixes for problems reported by valgrind Jeremy.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test - Log ----------------------------------------------------------------- commit 8395c1d67e64c5fcfe51305fb7cfd86a592b128e Author: Andrew Tridgell <tri...@samba.org> Date: Fri Oct 16 10:04:26 2009 +1100 s4-torture: take privileges into account in BASE-MAXIMUM_ALLOWED The correct answer depends on the users privileges. commit 4e3ea9e0da8e2f7d99b76114da4bca46c15d188c Author: Andrew Tridgell <tri...@samba.org> Date: Fri Oct 16 10:01:28 2009 +1100 idl: added bit definition for privilege masks When you have backup or restore privileges, you automatically get extra access bits in ACL interpretation. This adds definitions for the bits you get. ----------------------------------------------------------------------- Summary of changes: librpc/gen_ndr/security.h | 4 ++ librpc/idl/security.idl | 15 ++++++++++ source4/torture/basic/denytest.c | 58 +++++++++++++++++++++++++++++++------ 3 files changed, 67 insertions(+), 10 deletions(-) Changeset truncated at 500 lines: diff --git a/librpc/gen_ndr/security.h b/librpc/gen_ndr/security.h index 05df02a..297ba18 100644 --- a/librpc/gen_ndr/security.h +++ b/librpc/gen_ndr/security.h @@ -70,6 +70,10 @@ #define SEC_RIGHTS_DIR_WRITE ( SEC_RIGHTS_FILE_WRITE ) #define SEC_RIGHTS_DIR_EXECUTE ( SEC_RIGHTS_FILE_EXECUTE ) #define SEC_RIGHTS_DIR_ALL ( SEC_RIGHTS_FILE_ALL ) +#define SEC_RIGHTS_PRIV_BACKUP ( SEC_STD_READ_CONTROL|SEC_FLAG_SYSTEM_SECURITY|SEC_GENERIC_READ ) +#define SEC_RIGHTS_DIR_PRIV_BACKUP ( SEC_RIGHTS_PRIV_BACKUP|SEC_DIR_TRAVERSE ) +#define SEC_RIGHTS_PRIV_RESTORE ( SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_FLAG_SYSTEM_SECURITY|SEC_STD_DELETE ) +#define SEC_RIGHTS_DIR_PRIV_RESTORE ( SEC_RIGHTS_PRIV_RESTORE|SEC_DIR_ADD_FILE|SEC_DIR_ADD_SUBDIR ) #define STANDARD_RIGHTS_ALL_ACCESS ( SEC_STD_ALL ) #define STANDARD_RIGHTS_MODIFY_ACCESS ( SEC_STD_READ_CONTROL ) #define STANDARD_RIGHTS_EXECUTE_ACCESS ( SEC_STD_READ_CONTROL ) 
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 96d24b6..c24dc64 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -144,6 +144,21 @@ interface security
 const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE;
 const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL;
+ /* rights granted by some specific privileges */
+ const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL |
+ SEC_FLAG_SYSTEM_SECURITY |
+ SEC_GENERIC_READ;
+ const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP
+ | SEC_DIR_TRAVERSE;
+
+ const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC |
+ SEC_STD_WRITE_OWNER |
+ SEC_FLAG_SYSTEM_SECURITY |
+ SEC_STD_DELETE;
+ const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE |
+ SEC_DIR_ADD_FILE |
+ SEC_DIR_ADD_SUBDIR;
+
 /* combinations of standard masks. */
 const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */
 const int STANDARD_RIGHTS_MODIFY_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */
diff --git a/source4/torture/basic/denytest.c b/source4/torture/basic/denytest.c
index 0802896..5f65a2e 100644
--- a/source4/torture/basic/denytest.c
+++ b/source4/torture/basic/denytest.c
@@ -25,6 +25,7 @@
 #include "libcli/security/security.h"
 #include "torture/util.h"
 #include "torture/smbtorture.h"
+#include "libcli/util/clilsa.h"
 #include "cxd_known.h"
 extern int torture_failures;
@@ -2663,12 +2664,15 @@ bool torture_createx_access_exhaustive(struct torture_context *tctx,
 bool torture_maximum_allowed(struct torture_context *tctx,
 struct smbcli_state *cli)
 {
- struct security_descriptor *sd;
+ struct security_descriptor *sd, *sd_orig;
 union smb_open io = {};
 static TALLOC_CTX *mem_ctx;
 int fnum, i;
 bool ret = true;
 NTSTATUS status;
+ union smb_fileinfo q;
+ const char *owner_sid;
+ bool has_restore_privilege, has_backup_privilege;
 mem_ctx = talloc_init("torture_maximum_allowed");
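Review bot: In the security.idl hunk the comment `/* rights granted by some specific privileges */` does not say which privilege implies which mask, nor that the constants enforce nothing by themselves. I would expand it to something like `/* access bits implied by SEC_PRIV_BACKUP / SEC_PRIV_RESTORE; callers must verify the privilege is held before OR-ing these into a granted mask */`. SEC_RIGHTS_PRIV_BACKUP also mixes the generic bit SEC_GENERIC_READ with specific bits, so a comparison against an already-mapped access mask would presumably need SEC_RIGHTS_FILE_READ instead; the comment should state which form consumers are expected to use. The restore mask lists no write-data rights, which may be intentional but deserves a word in the comment.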
@@ -2698,10 +2702,44 @@ bool torture_maximum_allowed(struct torture_context *tctx,
 CHECK_STATUS(status, NT_STATUS_OK);
 fnum = io.ntcreatex.out.file.fnum;
+ /* the correct answers for this test depends on whether the
+ user has restore privileges. To find that out we first need
+ to know our SID - get it from the owner_sid of the file we
+ just created */
+ q.query_secdesc.level = RAW_FILEINFO_SEC_DESC;
+ q.query_secdesc.in.file.fnum = fnum;
+ q.query_secdesc.in.secinfo_flags = SECINFO_DACL | SECINFO_OWNER;
+ status = smb_raw_fileinfo(cli->tree, tctx, &q);
+ CHECK_STATUS(status, NT_STATUS_OK);
+ sd_orig = q.query_secdesc.out.sd;
+
+ owner_sid = dom_sid_string(tctx, sd_orig->owner_sid);
+
+ status = smblsa_sid_check_privilege(cli,
+ owner_sid,
+ sec_privilege_name(SEC_PRIV_RESTORE));
+ has_restore_privilege = NT_STATUS_IS_OK(status);
+ torture_comment(tctx, "Checked SEC_PRIV_RESTORE - %s\n", has_restore_privilege?"Yes":"No");
+
+ status = smblsa_sid_check_privilege(cli,
+ owner_sid,
+ sec_privilege_name(SEC_PRIV_BACKUP));
+ has_backup_privilege = NT_STATUS_IS_OK(status);
+ torture_comment(tctx, "Checked SEC_PRIV_BACKUP - %s\n", has_backup_privilege?"Yes":"No");
+
 smbcli_close(cli->tree, fnum);
 for (i = 0; i < 32; i++) {
 uint32_t mask = SEC_FLAG_MAXIMUM_ALLOWED | (1u << i);
+ uint32_t ok_mask = SEC_RIGHTS_FILE_READ | SEC_GENERIC_READ |
+ SEC_STD_DELETE | SEC_STD_WRITE_DAC;
+
+ if (has_restore_privilege) {
+ ok_mask |= SEC_RIGHTS_PRIV_RESTORE;
+ }
+ if (has_backup_privilege) {
+ ok_mask |= SEC_RIGHTS_PRIV_BACKUP;
+ }
 /* Skip all SACL related tests. */
 if ((!torture_setting_bool(tctx, "sacl_support", true)) &&
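Review bot: Both privilege probes reduce every failure of `smblsa_sid_check_privilege` to "privilege not held" through `NT_STATUS_IS_OK(status)`, so an LSA connection or lookup error silently changes `ok_mask` instead of failing the test. I would accept only the explicit not-held result as "No", treat any other non-OK status as a test failure, and report the raw status, e.g. `torture_comment(tctx, "SEC_PRIV_RESTORE check: %s\n", nt_errstr(status));`. The probe also assumes the file's owner SID is the connecting user's own SID; if the server assigns a group as owner, or the privilege is held through group membership, a single-SID check would presumably give the wrong answer, which is worth a comment. `dom_sid_string()` is used without a NULL check, and `ok_mask` is loop-invariant, so it could be computed once before the `for`. The function starts and ends outside this hunk.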
@@ -2718,16 +2756,16 @@ bool torture_maximum_allowed(struct torture_context *tctx,
 io.ntcreatex.in.fname = MAXIMUM_ALLOWED_FILE;
 status = smb_raw_open(cli->tree, mem_ctx, &io);
- if (mask & SEC_RIGHTS_FILE_READ ||
- mask & SEC_GENERIC_READ ||
- mask & SEC_STD_DELETE || /* owner gets delete */
- mask & SEC_STD_WRITE_DAC || /* and write_dac */
- mask & SEC_STD_WRITE_OWNER ||
- mask & SEC_FLAG_SYSTEM_SECURITY ||
- mask == SEC_FLAG_MAXIMUM_ALLOWED)
+ if (mask & ok_mask ||
+ mask == SEC_FLAG_MAXIMUM_ALLOWED) {
 CHECK_STATUS(status, NT_STATUS_OK);
- else
- CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ } else {
+ if (mask & SEC_FLAG_SYSTEM_SECURITY) {
+ CHECK_STATUS(status, NT_STATUS_PRIVILEGE_NOT_HELD);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
+ }
 fnum = io.ntcreatex.out.file.fnum;
-- Samba Shared Repository
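Review bot: The nested `else` expects NT_STATUS_PRIVILEGE_NOT_HELD for SEC_FLAG_SYSTEM_SECURITY with no comment explaining why that one bit fails differently, and the rationale on the removed lines (`/* owner gets delete */`, `/* and write_dac */`) was not carried over to the `ok_mask` initialiser in the previous hunk. I would add `/* SACL access is gated by privilege rather than the DACL, so the server is expected to report the missing privilege */` above the inner `if`, and parenthesise the test as `if ((mask & ok_mask) || mask == SEC_FLAG_MAXIMUM_ALLOWED) {`. The expectation also assumes the bit is obtainable only through backup or restore; an account holding a separate privilege that governs SACL access would presumably get NT_STATUS_OK here and fail the test. The enclosing loop and function continue outside the hunk.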