/*
access check for creating a new file/directory - no access mask supplied
*/
-NTSTATUS pvfs_access_check_create_nomask(struct pvfs_state *pvfs,
- struct smbsrv_request *req,
- struct pvfs_filename *name)
+NTSTATUS pvfs_access_check_parent(struct pvfs_state *pvfs,
+ struct smbsrv_request *req,
+ struct pvfs_filename *name,
+ uint32_t access_mask)
{
struct pvfs_filename *parent;
NTSTATUS status;
return status;
}
- return pvfs_access_check_simple(pvfs, req, parent, SEC_DIR_ADD_FILE);
+ return pvfs_access_check_simple(pvfs, req, parent, access_mask);
}
return NT_STATUS_OBJECT_NAME_COLLISION;
}
- status = pvfs_access_check_create_nomask(pvfs, req, name);
+ status = pvfs_access_check_parent(pvfs, req, name, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
return NT_STATUS_OBJECT_NAME_COLLISION;
}
- status = pvfs_access_check_create_nomask(pvfs, req, name);
+ status = pvfs_access_check_parent(pvfs, req, name, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
#include "includes.h"
#include "vfs_posix.h"
-
+#include "librpc/gen_ndr/ndr_security.h"
/*
resolve a wildcard rename pattern. This works on one component of the name
return status;
}
- status = pvfs_access_check_create_nomask(pvfs, req, name2);
+ status = pvfs_access_check_parent(pvfs, req, name2, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
switch (ren->ntrename.in.flags) {
case RENAME_FLAG_RENAME:
- status = pvfs_access_check_create_nomask(pvfs, req, name2);
+ status = pvfs_access_check_parent(pvfs, req, name2, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
break;
case RENAME_FLAG_HARD_LINK:
- status = pvfs_access_check_create_nomask(pvfs, req, name2);
+ status = pvfs_access_check_parent(pvfs, req, name2, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
break;
case RENAME_FLAG_COPY:
- status = pvfs_access_check_create_nomask(pvfs, req, name2);
+ status = pvfs_access_check_parent(pvfs, req, name2, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
#include "vfs_posix.h"
#include "system/time.h"
#include "system/filesys.h"
+#include "librpc/gen_ndr/ndr_security.h"
/* the state of a search started with pvfs_search_first() */
return STATUS_NO_MORE_FILES;
}
+ status = pvfs_access_check_parent(pvfs, req, name, SEC_DIR_TRAVERSE | SEC_DIR_LIST);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
/* we initially make search a child of the request, then if we
need to keep it long term we steal it for the private
structure */
return NT_STATUS_NO_SUCH_FILE;
}
+ status = pvfs_access_check_parent(pvfs, req, name, SEC_DIR_TRAVERSE | SEC_DIR_LIST);
+ if (!NT_STATUS_IS_OK(status)) {
+ return status;
+ }
+
/* we initially make search a child of the request, then if we
need to keep it long term we steal it for the private
structure */
}
}
- status = pvfs_access_check_create_nomask(pvfs, req, name2);
+ status = pvfs_access_check_parent(pvfs, req, name2, SEC_DIR_ADD_FILE);
if (!NT_STATUS_IS_OK(status)) {
return status;
}