CVE-2019-10197: smbd: split change_to_user_impersonate() out of change_to_user_internal()

This makes sure we always call chdir_current_service() even when we still impersonated the user. Which is important in order to run the SMB* request within the correct working directory and only if the user has permissions to enter that directory. It makes sure we always update conn->lastused_count in chdir_current_service() for each request. Note that vfs_ChDir() (called from chdir_current_service()) maintains its own cache and avoids calling SMB_VFS_CHDIR() if possible. It means we still avoid syscalls if we get a multiple requests for the same session/tcon tuple. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14035 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Ralph Boehme <slow@samba.org> Autobuild-User(master): Karolin Seeger <kseeger@samba.org> Autobuild-Date(master): Tue Sep 3 09:27:22 UTC 2019 on sn-devel-184
author: Stefan Metzmacher <metze@samba.org> 2019-07-11 17:02:15 +0200
committer: Karolin Seeger <kseeger@samba.org> 2019-09-03 09:27:21 +0000
commit: efd4832c2cfc4092bafb93dd4caf32d04488919f (patch)
tree: 259b38e601dd4a29cfff924c07e3ed5eff4df17f /selftest
parent: 9ab5a51a6e770c8bd95ceca892808cf2cf670852 (diff)
download: samba-efd4832c2cfc4092bafb93dd4caf32d04488919f.tar.gz
1 files changed, 0 insertions, 1 deletions
diff --git a/selftest/knownfail.d/CVE-2019-10197 b/selftest/knownfail.d/CVE-2019-10197
deleted file mode 100644
index f7056bbf3ad..00000000000
--- a/selftest/knownfail.d/CVE-2019-10197
+++ /dev/null
@@ -1 +0,0 @@
-^samba3.blackbox.smbclient_s3.*.noperm.share.regression
author	Stefan Metzmacher <metze@samba.org>	2019-07-11 17:02:15 +0200
committer	Karolin Seeger <kseeger@samba.org>	2019-09-03 09:27:21 +0000
commit	efd4832c2cfc4092bafb93dd4caf32d04488919f (patch)
tree	259b38e601dd4a29cfff924c07e3ed5eff4df17f /selftest
parent	9ab5a51a6e770c8bd95ceca892808cf2cf670852 (diff)
download	samba-efd4832c2cfc4092bafb93dd4caf32d04488919f.tar.gz