mirror of https://gitee.com/openkylin/linux.git
cifs: Use mask of ACEs for SID Everyone to calculate all three permissions user, group, and other
If a DACL has entries for ACEs for SID Everyone and Authenticated Users, factor in mask in respective entries during calculation of permissions for all three, user, group, and other. http://technet.microsoft.com/en-us/library/bb463216.aspx Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com> Reviewed-by: Jeff Layton <jlayton@redhat.com> Signed-off-by: Steve French <sfrench@us.ibm.com>
This commit is contained in:
parent
540b2e3777
commit
2fbc2f1729
|
@ -41,9 +41,12 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = {
|
||||||
;
|
;
|
||||||
|
|
||||||
|
|
||||||
/* security id for everyone */
|
/* security id for everyone/world system group */
|
||||||
static const struct cifs_sid sid_everyone = {
|
static const struct cifs_sid sid_everyone = {
|
||||||
1, 1, {0, 0, 0, 0, 0, 1}, {0} };
|
1, 1, {0, 0, 0, 0, 0, 1}, {0} };
|
||||||
|
/* security id for Authenticated Users system group */
|
||||||
|
static const struct cifs_sid sid_authusers = {
|
||||||
|
1, 1, {0, 0, 0, 0, 0, 5}, {11} };
|
||||||
/* group users */
|
/* group users */
|
||||||
static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} };
|
static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} };
|
||||||
|
|
||||||
|
@ -365,7 +368,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl,
|
||||||
if (num_aces > 0) {
|
if (num_aces > 0) {
|
||||||
umode_t user_mask = S_IRWXU;
|
umode_t user_mask = S_IRWXU;
|
||||||
umode_t group_mask = S_IRWXG;
|
umode_t group_mask = S_IRWXG;
|
||||||
umode_t other_mask = S_IRWXO;
|
umode_t other_mask = S_IRWXU | S_IRWXG | S_IRWXO;
|
||||||
|
|
||||||
ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
|
ppace = kmalloc(num_aces * sizeof(struct cifs_ace *),
|
||||||
GFP_KERNEL);
|
GFP_KERNEL);
|
||||||
|
@ -390,6 +393,12 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl,
|
||||||
ppace[i]->type,
|
ppace[i]->type,
|
||||||
&fattr->cf_mode,
|
&fattr->cf_mode,
|
||||||
&other_mask);
|
&other_mask);
|
||||||
|
if (compare_sids(&(ppace[i]->sid), &sid_authusers))
|
||||||
|
access_flags_to_mode(ppace[i]->access_req,
|
||||||
|
ppace[i]->type,
|
||||||
|
&fattr->cf_mode,
|
||||||
|
&other_mask);
|
||||||
|
|
||||||
|
|
||||||
/* memcpy((void *)(&(cifscred->aces[i])),
|
/* memcpy((void *)(&(cifscred->aces[i])),
|
||||||
(void *)ppace[i],
|
(void *)ppace[i],
|
||||||
|
|
Loading…
Reference in New Issue