Rename parent rights fix incremental
All checks were successful
Source release / source-package (push) Successful in 37s
All checks were successful
Source release / source-package (push) Successful in 37s
This commit is contained in:
Mario Fetka
@@ -2398,29 +2398,39 @@ static int nw_rename_file_dir(int namespace,
|
||||
/* NetWare trustee semantics: M (Modify) is the right for renaming
|
||||
* files/directories. A is for trustee/IRM changes, not rename.
|
||||
*
|
||||
* The old check required R|W|M on the source and W on the destination
|
||||
* parent. That is stricter than NetWare for a same-directory rename and
|
||||
* makes REN fail for users with Modify rights.
|
||||
* Trustee assignments are commonly placed on the containing directory.
|
||||
* For a file rename, effective M may therefore be present on the parent
|
||||
* directory even when a direct file-object check does not show it. Check
|
||||
* the source entry first, then fall back to the source parent.
|
||||
*/
|
||||
if (tru_eff_rights_exists(dbe_s->nwpath.volume, unname_s,
|
||||
&dbe_s->nwpath.statb, TRUSTEE_M)) {
|
||||
XDPRINTF((5, 0, "Rename denied: missing M on source `%s`", unname_s));
|
||||
result=-0x8b;
|
||||
} else {
|
||||
{
|
||||
char src_parent[1024];
|
||||
char *slash;
|
||||
struct stat src_parent_stb;
|
||||
int missing_m;
|
||||
|
||||
strmaxcpy((uint8*)src_parent, unname_s, sizeof(src_parent)-1);
|
||||
slash = strrchr(src_parent, '/');
|
||||
if (slash && slash > src_parent)
|
||||
*slash = '\0';
|
||||
|
||||
/* Only require destination Create rights when this is a move to a
|
||||
* different parent directory. Same-directory rename is covered by M.
|
||||
*/
|
||||
if (slash && strcmp(src_parent, (char*)unname_dp) &&
|
||||
missing_m = tru_eff_rights_exists(dbe_s->nwpath.volume, unname_s,
|
||||
&dbe_s->nwpath.statb, TRUSTEE_M);
|
||||
if (missing_m && slash && !stat(src_parent, &src_parent_stb))
|
||||
missing_m = tru_eff_rights_exists(dbe_s->nwpath.volume,
|
||||
(uint8*)src_parent, &src_parent_stb, TRUSTEE_M);
|
||||
|
||||
if (missing_m) {
|
||||
XDPRINTF((5, 0,
|
||||
"Rename denied: missing M on source `%s` or parent `%s`",
|
||||
unname_s, slash ? src_parent : (char*)""));
|
||||
result=-0x8b;
|
||||
} else if (slash && strcmp(src_parent, (char*)unname_dp) &&
|
||||
tru_eff_rights_exists(dbe_d->nwpath.volume, unname_dp,
|
||||
&dbe_d->nwpath.statb, TRUSTEE_C)) {
|
||||
/* Only require destination Create rights when this is a move to a
|
||||
* different parent directory. Same-directory rename is covered by M.
|
||||
*/
|
||||
XDPRINTF((5, 0, "Rename denied: missing C on dest parent `%s`",
|
||||
unname_dp));
|
||||
result=-0x8b;
|
||||
|
||||
Reference in New Issue
Block a user