diff options
author | Jeremy Allison <jra@samba.org> | 2019-06-13 09:44:27 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2019-06-24 18:49:08 +0000 |
commit | 56c9ad12ee3e40569fd10c60526086ab2fbb3c10 (patch) | |
tree | 1861b24499b2f8731e3d6780e9b6cd306698a72b /source3/torture | |
parent | 4f32983ea8a24466165c043a73cb47b4073da15f (diff) | |
download | samba-56c9ad12ee3e40569fd10c60526086ab2fbb3c10.tar.gz |
s3: smbd: Ensure open for security descriptor access actually opens an fd.
Change test to check two things:
1) Open a symlink for SD read or write access should fail.
2) Request attribute open. Getsd/Setsd on this handle should
fail.
Signed-off-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Diffstat (limited to 'source3/torture')
-rw-r--r-- | source3/torture/torture.c | 22 |
1 files changed, 21 insertions, 1 deletions
diff --git a/source3/torture/torture.c b/source3/torture/torture.c index 9a3e10fb32d..dbdc703d2cd 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -7527,7 +7527,7 @@ static bool run_acl_symlink_test(int dummy) goto out; } - /* Open a handle on the symlink. */ + /* Open a handle on the symlink for SD set/get should fail. */ status = cli_ntcreate(cli, sname, 0, @@ -7540,6 +7540,26 @@ static bool run_acl_symlink_test(int dummy) &fnum, NULL); + if (NT_STATUS_IS_OK(status)) { + printf("Symlink open for getsd/setsd of %s " + "succeeded (should fail)\n", + sname); + goto out; + } + + /* Open a handle on the symlink. */ + status = cli_ntcreate(cli, + sname, + 0, + FILE_READ_ATTRIBUTES|FILE_WRITE_ATTRIBUTES, + 0, + FILE_SHARE_READ|FILE_SHARE_WRITE|FILE_SHARE_DELETE, + FILE_OPEN, + 0x0, + 0x0, + &fnum, + NULL); + if (!NT_STATUS_IS_OK(status)) { printf("cli_posix_open of %s failed (%s)\n", sname, |