diff options
author | Shirish Pargaonkar <shirishpargaonkar@gmail.com> | 2010-12-06 15:56:46 -0500 |
---|---|---|
committer | Steve French <sfrench@us.ibm.com> | 2011-01-19 16:25:58 -0500 |
commit | 2fbc2f1729e785a7b2faf9d8d60926bb1ff62af0 (patch) | |
tree | 4665c741041553259b626df604e617879440fb53 /fs | |
parent | 540b2e377797d8715469d408b887baa9310c5f3e (diff) |
cifs: Use mask of ACEs for SID Everyone to calculate all three permissions user, group, and other
If a DACL has entries for ACEs for SID Everyone and Authenticated Users,
factor in mask in respective entries during calculation of permissions
for all three, user, group, and other.
http://technet.microsoft.com/en-us/library/bb463216.aspx
Signed-off-by: Shirish Pargaonkar <shirishpargaonkar@gmail.com>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Steve French <sfrench@us.ibm.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/cifs/cifsacl.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/fs/cifs/cifsacl.c b/fs/cifs/cifsacl.c index a437ec391a01..1e7636b145a8 100644 --- a/fs/cifs/cifsacl.c +++ b/fs/cifs/cifsacl.c | |||
@@ -41,9 +41,12 @@ static struct cifs_wksid wksidarr[NUM_WK_SIDS] = { | |||
41 | ; | 41 | ; |
42 | 42 | ||
43 | 43 | ||
44 | /* security id for everyone */ | 44 | /* security id for everyone/world system group */ |
45 | static const struct cifs_sid sid_everyone = { | 45 | static const struct cifs_sid sid_everyone = { |
46 | 1, 1, {0, 0, 0, 0, 0, 1}, {0} }; | 46 | 1, 1, {0, 0, 0, 0, 0, 1}, {0} }; |
47 | /* security id for Authenticated Users system group */ | ||
48 | static const struct cifs_sid sid_authusers = { | ||
49 | 1, 1, {0, 0, 0, 0, 0, 5}, {11} }; | ||
47 | /* group users */ | 50 | /* group users */ |
48 | static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; | 51 | static const struct cifs_sid sid_user = {1, 2 , {0, 0, 0, 0, 0, 5}, {} }; |
49 | 52 | ||
@@ -365,7 +368,7 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, | |||
365 | if (num_aces > 0) { | 368 | if (num_aces > 0) { |
366 | umode_t user_mask = S_IRWXU; | 369 | umode_t user_mask = S_IRWXU; |
367 | umode_t group_mask = S_IRWXG; | 370 | umode_t group_mask = S_IRWXG; |
368 | umode_t other_mask = S_IRWXO; | 371 | umode_t other_mask = S_IRWXU | S_IRWXG | S_IRWXO; |
369 | 372 | ||
370 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), | 373 | ppace = kmalloc(num_aces * sizeof(struct cifs_ace *), |
371 | GFP_KERNEL); | 374 | GFP_KERNEL); |
@@ -390,6 +393,12 @@ static void parse_dacl(struct cifs_acl *pdacl, char *end_of_acl, | |||
390 | ppace[i]->type, | 393 | ppace[i]->type, |
391 | &fattr->cf_mode, | 394 | &fattr->cf_mode, |
392 | &other_mask); | 395 | &other_mask); |
396 | if (compare_sids(&(ppace[i]->sid), &sid_authusers)) | ||
397 | access_flags_to_mode(ppace[i]->access_req, | ||
398 | ppace[i]->type, | ||
399 | &fattr->cf_mode, | ||
400 | &other_mask); | ||
401 | |||
393 | 402 | ||
394 | /* memcpy((void *)(&(cifscred->aces[i])), | 403 | /* memcpy((void *)(&(cifscred->aces[i])), |
395 | (void *)ppace[i], | 404 | (void *)ppace[i], |