Bug #15032

closed

SMB: Can't create a file with a NULL DACL

Added by Matt Barden 2 months ago. Updated about 2 months ago.

Status: Closed
Priority: Normal
Assignee:
Category: smb - SMB server and client
Start date:
Due date:
% Done: 100%
Estimated time:
Difficulty: Medium
Tags:
Gerrit CR:
External Bug:

Description

SMB allows specifying an SD to set on a newly created file. Windows allows SDs to mark the DACL/SACL as 'PRESENT', but not provide the ACL (offset = 0). For DACLs, this implies the file has 'no security' (everyone can access it).

The SMB server does not detect this condition correctly during create-with-sd, as smb_sd_get_secinfo() only sets the appropriate SECINFO bit if the ACL is non-NULL (rather than when it's marked PRESENT). This means that the new file will inherit the ACL from its parent, which may be more restrictive, instead of getting a NULL ACL.

Steps to Reproduce:
Run the new smb2.create.with-sd test in an smbtorture built from https://github.com/Nexenta/samba/tree/nex-eng-tort2. It will test only the DACL for non-admin users, and will test both the DACL and SACL for admin users.

Testing was done with the above smbtorture test.
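
The distinction described in the report, as an added example (not code from the report or from the SMB server): a parser for the fixed header of a self-relative security descriptor that derives the SECINFO mask two ways, from the ACL offsets and from the PRESENT control flags. The struct and function names are hypothetical, the flag values and header layout are taken from MS-DTYP, and the sample descriptor is constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example: all names are hypothetical; flag values are from MS-DTYP. */
#define SE_DACL_PRESENT           0x0004u
#define SE_SACL_PRESENT           0x0010u
#define SE_SELF_RELATIVE          0x8000u
#define DACL_SECURITY_INFORMATION 0x4u
#define SACL_SECURITY_INFORMATION 0x8u
#define SD_HDR_LEN                20u /* fixed self-relative header size */

struct sd_hdr { uint16_t control; uint32_t off_sacl, off_dacl; };

static uint32_t le32(const uint8_t *p)
{
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* An offset is valid when absent (0) or inside the buffer past the header. */
static int off_ok(uint32_t o, size_t n) { return o == 0 || (o >= SD_HDR_LEN && o < n); }

/* Parse the fixed header; 0 on success, -1 on a malformed descriptor. */
int sd_parse_hdr(const uint8_t *buf, size_t len, struct sd_hdr *h)
{
    if (len < SD_HDR_LEN)
        return -1;
    h->control = (uint16_t)(buf[2] | buf[3] << 8);
    h->off_sacl = le32(buf + 12);
    h->off_dacl = le32(buf + 16);
    return ((h->control & SE_SELF_RELATIVE) && off_ok(h->off_sacl, len) &&
        off_ok(h->off_dacl, len)) ? 0 : -1;
}

/* Behaviour the report describes: bit set only when an ACL body exists. */
uint32_t secinfo_from_body(const struct sd_hdr *h)
{
    return (h->off_dacl ? DACL_SECURITY_INFORMATION : 0) |
        (h->off_sacl ? SACL_SECURITY_INFORMATION : 0);
}

/* Behaviour the report expects: bit follows the PRESENT control flag. */
uint32_t secinfo_from_control(const struct sd_hdr *h)
{
    return ((h->control & SE_DACL_PRESENT) ? DACL_SECURITY_INFORMATION : 0) |
        ((h->control & SE_SACL_PRESENT) ? SACL_SECURITY_INFORMATION : 0);
}

/* Constructed sample: revision 1, control 0x8004, all four offsets zero. */
const uint8_t null_dacl_sd[SD_HDR_LEN] = { 0x01, 0x00, 0x04, 0x80 };
```

For the constructed NULL-DACL descriptor the offset-based mask is 0 while the flag-based mask carries DACL_SECURITY_INFORMATION; the two only agree when the ACL has a body.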

Actions #1

Updated by Matt Barden 2 months ago

  • Description updated (diff)
Actions #2

Updated by Electric Monk 2 months ago

  • Gerrit CR set to 2411
Actions #3

Updated by Electric Monk about 2 months ago

  • Status changed from In Progress to Closed
  • % Done changed from 0 to 100

git commit 5cfb18f0d1f59686e64a1bf142efa2bf653d86a0

commit  5cfb18f0d1f59686e64a1bf142efa2bf653d86a0
Author: Matt Barden <mbarden@tintri.com>
Date:   2022-10-13T19:55:08.000Z

    15032 SMB: Can't create a file with a NULL DACL
    Reviewed by: Gordon Ross <gordon.w.ross@gmail.com>
    Reviewed by: Toomas Soome <tsoome@me.com>
    Reviewed by: Prashanth Badari <prbadari@tintri.com>
    Approved by: Dan McDonald <danmcd@mnx.io>
