diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2019-03-21 17:21:58 +1300 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2019-04-05 09:48:18 +0200 |
| commit | 65a175aac08bc69eaaf6b4e011eb59b262e3417b (patch) | |
| tree | 0166f73cb3d2b0b058cf8f1cdd915f70695aab0a | |
| parent | 83cc536a42003bf2df0a5a121b07df33c1ffd96a (diff) | |
| download | samba-65a175aac08bc69eaaf6b4e011eb59b262e3417b.tar.gz | |
CVE-2019-3870 pysmbd: Include tests to show the outside umask has no impact
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13834
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
| -rw-r--r-- | python/samba/tests/ntacls_backup.py | 13 | ||||
| -rw-r--r-- | python/samba/tests/smbd_base.py | 2 | ||||
| -rw-r--r-- | selftest/knownfail.d/pymkdir-umask | 1 |
3 files changed, 15 insertions, 1 deletions
diff --git a/python/samba/tests/ntacls_backup.py b/python/samba/tests/ntacls_backup.py index 763804fd63f..b7defd35903 100644 --- a/python/samba/tests/ntacls_backup.py +++ b/python/samba/tests/ntacls_backup.py @@ -112,6 +112,12 @@ class NtaclsBackupRestoreTests(SmbdBaseTests): dirpath = os.path.join(self.service_root, 'a-dir') smbd.mkdir(dirpath, self.service) + mode = os.stat(dirpath).st_mode + + # This works in conjunction with the TEST_UMASK in smbd_base + # to ensure that permissions are not related to the umask + # but instead the smb.conf settings + self.assertEquals(mode & 0o777, 0o755) self.assertTrue(os.path.isdir(dirpath)) def test_smbd_create_file(self): @@ -123,6 +129,13 @@ class NtaclsBackupRestoreTests(SmbdBaseTests): smbd.create_file(filepath, self.service) self.assertTrue(os.path.isfile(filepath)) + mode = os.stat(filepath).st_mode + + # This works in conjunction with the TEST_UMASK in smbd_base + # to ensure that permissions are not related to the umask + # but instead the smb.conf settings + self.assertEquals(mode & 0o777, 0o644) + # As well as checking that unlink works, this removes the # fake xattrs from the dev/inode based DB smbd.unlink(filepath, self.service) diff --git a/python/samba/tests/smbd_base.py b/python/samba/tests/smbd_base.py index 4e5c3641e2c..b49bcc0828f 100644 --- a/python/samba/tests/smbd_base.py +++ b/python/samba/tests/smbd_base.py @@ -17,7 +17,7 @@ from samba.tests import TestCaseInTempDir import os -TEST_UMASK = 0o022 +TEST_UMASK = 0o042 class SmbdBaseTests(TestCaseInTempDir): diff --git a/selftest/knownfail.d/pymkdir-umask b/selftest/knownfail.d/pymkdir-umask new file mode 100644 index 00000000000..5af01be44e3 --- /dev/null +++ b/selftest/knownfail.d/pymkdir-umask @@ -0,0 +1 @@ +^samba.tests.ntacls_backup.samba.tests.ntacls_backup.NtaclsBackupRestoreTests.test_smbd_mkdir
\ No newline at end of file |