From e99338cf2522a8ae3a79f0a59695ab7e0ca50153 Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Sat, 8 May 2021 21:45:25 +0200 Subject: [PATCH 1/2] smbd: drop requirement for full open for READ_CONTROL_ACCESS, WRITE_DAC_ACCESS and WRITE_OWNER_ACCESS This was needed before we had pathref fsps, with pathref fsps we can do operation requiring WRITE_OWNER_ACCESS, WRITE_DAC_ACCESS and READ_CONTROL_ACCESS on the pathref fsp. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700 Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison (cherry picked from commit e71e373a07e467ff2d2328f39bd2bc285e2ba840) --- source3/smbd/open.c | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index c29662b4fd2..2427774af1f 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -1279,10 +1279,7 @@ static NTSTATUS open_file(files_struct *fsp, FILE_WRITE_DATA | FILE_APPEND_DATA | FILE_EXECUTE | - WRITE_DAC_ACCESS | - WRITE_OWNER_ACCESS | - SEC_FLAG_SYSTEM_SECURITY | - READ_CONTROL_ACCESS; + SEC_FLAG_SYSTEM_SECURITY; bool creating = !file_existed && (flags & O_CREAT); bool truncating = (flags & O_TRUNC); bool open_fd = false; -- 2.31.1 From 65f3744ca109f34387764249528716f0b38453ba Mon Sep 17 00:00:00 2001 From: Ralph Boehme Date: Tue, 29 Jun 2021 12:47:34 +0200 Subject: [PATCH 2/2] smbd: only open full fd for directories if needed BUG: https://bugzilla.samba.org/show_bug.cgi?id=14700 RN: File owner not available when file unreadable Signed-off-by: Ralph Boehme Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Mon Aug 2 18:05:04 UTC 2021 on sn-devel-184 (cherry picked from commit 6d928eb1e8ea44f0d0aea4ec9b1b7c385a281193) --- source3/smbd/open.c | 26 ++++++++++++++++++++------ 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/source3/smbd/open.c b/source3/smbd/open.c index 2427774af1f..968dd8ecb00 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c @@ -4404,6 +4404,7 @@ static NTSTATUS open_directory(connection_struct *conn, struct timespec mtimespec; int info = 0; bool ok; + uint32_t need_fd_access; if (is_ntfs_stream_smb_fname(smb_dname)) { DEBUG(2, ("open_directory: %s is a stream name!\n", @@ -4596,12 +4597,25 @@ static NTSTATUS open_directory(connection_struct *conn, */ mtimespec = make_omit_timespec(); - status = reopen_from_fsp(fsp, O_RDONLY|O_DIRECTORY, 0, NULL); - if (!NT_STATUS_IS_OK(status)) { - DBG_INFO("Could not open fd for%s (%s)\n", - smb_fname_str_dbg(smb_dname), - nt_errstr(status)); - return status; + /* + * Obviously for FILE_LIST_DIRECTORY we need to reopen to get an fd + * usable for reading a directory. SMB2_FLUSH may be called on + * directories opened with FILE_ADD_FILE and FILE_ADD_SUBDIRECTORY so + * for those we need to reopen as well. + */ + need_fd_access = + FILE_LIST_DIRECTORY | + FILE_ADD_FILE | + FILE_ADD_SUBDIRECTORY; + + if (access_mask & need_fd_access) { + status = reopen_from_fsp(fsp, O_RDONLY | O_DIRECTORY, 0, NULL); + if (!NT_STATUS_IS_OK(status)) { + DBG_INFO("Could not open fd for [%s]: %s\n", + smb_fname_str_dbg(smb_dname), + nt_errstr(status)); + return status; + } } status = vfs_stat_fsp(fsp); -- 2.31.1