Borken vuid_cache in connection_struct?
boyang <boyang <at> samba.org>
2009-12-01 07:04:54 GMT
I think the vuid_cache is broken when dynamic share permission is
introduced. Please correct me if I am wrong.
1). security = share.
user A on share A, user B on share B, on the the same tcp connect.
user A performs some user activity on share A(eg, open a file, write
to it and keep it open), then user B performs some user activity on
share B. Therefore, current user changed from user A to user B. Share
A's permission changes here to deny write access for user A. user A
tries to write to the opened file. have a look at what change_to_user()
does, current user is not user A and will not find vuid_cache
entry(because share = security, vuid = -1 is not even cached), perform
access check from start, deny user A from write access.(bad, the second
write is expected to succeed).
2). security != share.
user 1-33 performs user activity sequentialy on share A.
user 1 performs something like this(open a file, write to it and
keep it open), then user 2-33 performs some user activity. current user
changes from 1 to 33, and vuid_cache is full when user 32 performs user
activity. Then user 33 performs user activity, vuid_cache for user 1
will be replace with user 33. user 1 tries to write to the file again,
have a look at what change_to_user() does. current_user is not user 1,
look up in the vuid_cache failed, do a access check from start, deny
user A from write access. (Bad, the second write is expected to succeed.)
We use two linked lists to watch on share's permission. the entry
looks like vuid_cache. One list is used to record information about
share(read_only, admin_users, server_info) when the first call to
change_to_user(), ie, when user performs first user acitivty, record