Windows: fail cm_CheckNTOpen if READ|DELETE for readonly file
authorJeffrey Altman <jaltman@your-file-system.com>
Mon, 30 Aug 2010 03:41:02 +0000 (23:41 -0400)
committerJeffrey Altman <jaltman@openafs.org>
Mon, 6 Sep 2010 03:56:16 +0000 (20:56 -0700)
If the readonly file attribute is set (stored as a unix mode)
then a CreateFile operation should fail if the file is opened
for DELETE in combination with any other privilege.

LICENSE MIT

Change-Id: Ie8ebb6d230cf65d9ce2411bab2fcc4e561081505
Reviewed-on: http://gerrit.openafs.org/2660
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Derrick Brashear <shadow@dementia.org>
Reviewed-by: Jeffrey Altman <jaltman@openafs.org>
Tested-by: Jeffrey Altman <jaltman@openafs.org>

src/WINNT/afsd/cm_vnodeops.c

index e7b4312..22b1caf 100644 (file)
@@ -189,17 +189,17 @@ long cm_CheckNTOpen(cm_scache_t *scp, unsigned int desiredAccess,
                    cm_lock_data_t **ldpp)
 {
     long rights;
-    long code;
+    long code = 0;
 
     osi_assertx(ldpp != NULL, "null cm_lock_data_t");
     *ldpp = NULL;
 
     /* Always allow delete; the RPC will tell us if it's OK */
-    if (desiredAccess == DELETE)
-        return 0;
-
     rights = 0;
 
+    if (desiredAccess == DELETE)
+        goto done_2;
+
     if (desiredAccess & (AFS_ACCESS_READ|AFS_ACCESS_EXECUTE))
         rights |= (scp->fileType == CM_SCACHETYPE_DIRECTORY ? PRSFS_LOOKUP : PRSFS_READ);
 
@@ -210,6 +210,9 @@ long cm_CheckNTOpen(cm_scache_t *scp, unsigned int desiredAccess,
     if (desiredAccess & AFS_ACCESS_WRITE)
         rights |= PRSFS_WRITE;
 
+    if (desiredAccess & DELETE)
+        rights |= PRSFS_DELETE;
+
     lock_ObtainWrite(&scp->rw);
 
     code = cm_SyncOp(scp, NULL, userp, reqp, rights,
@@ -291,6 +294,7 @@ long cm_CheckNTOpen(cm_scache_t *scp, unsigned int desiredAccess,
  _done:
     lock_ReleaseWrite(&scp->rw);
 
+ done_2:
     osi_Log3(afsd_logp,"cm_CheckNTOpen scp 0x%p ldp 0x%p code 0x%x", scp, *ldpp, code);
     return code;
 }