| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKYAXd_Wy0_skGEhrWNT1u7w4VTbmk_FUH_PN2oN6G-npM3Ntg@mail.gmail.com> Date: Thu, 26 Dec 2024 09:22:31 +0900 From: Namjae Jeon <linkinjeon@...nel.org> To: Pali Rohár <pali@...nel.org> Cc: Steve French <sfrench@...ba.org>, Paulo Alcantara <pc@...guebit.com>, Ronnie Sahlberg <ronniesahlberg@...il.com>, Sergey Senozhatsky <senozhatsky@...omium.org>, linux-cifs@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] cifs: Update description about ACL permissions On Wed, Dec 25, 2024 at 12:08 AM Pali Rohár <pali@...nel.org> wrote: > > There are some incorrect information about individual SMB permission > constants like WRITE_DAC can change ownership, or incomplete information to > distinguish between ACL types (discretionary vs system) and there is > completely missing information how permissions apply for directory objects > and what is meaning of GENERIC_* bits. > > Fix and extend description of all SMB permission constants to match the > reality, how the reference Windows SMB / NTFS implementation handles them. > > Links to official Microsoft documentation related to permissions: > https://learn.microsoft.com/en-us/windows/win32/fileio/file-access-rights-constants > https://learn.microsoft.com/en-us/windows/win32/secauthz/access-mask > https://learn.microsoft.com/en-us/windows/win32/secauthz/standard-access-rights > https://learn.microsoft.com/en-us/windows/win32/secauthz/generic-access-rights > https://learn.microsoft.com/en-us/windows/win32/api/winternl/nf-winternl-ntcreatefile > https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-ntcreatefile > > Signed-off-by: Pali Rohár <pali@...nel.org> > --- > > Anyway, I see that these client constants are copied also in server > fs/smb/server/smb_common.h file. Maybe they could be deduplicated into > some fs/smb/common/* file? Yes, We can move them to fs/smb/common/* file. Thanks. > > --- > fs/smb/client/cifspdu.h | 77 ++++++++++++++++++++++++++++++++--------- > 1 file changed, 60 insertions(+), 17 deletions(-) > > diff --git a/fs/smb/client/cifspdu.h b/fs/smb/client/cifspdu.h > index f4c348b5c4f1..3ad1bb79ea9e 100644 > --- a/fs/smb/client/cifspdu.h > +++ b/fs/smb/client/cifspdu.h > @@ -190,38 +190,81 @@ > */ > > #define FILE_READ_DATA 0x00000001 /* Data can be read from the file */ > + /* or directory child entries can */ > + /* be listed together with the */ > + /* associated child attributes */ > + /* (so the FILE_READ_ATTRIBUTES on */ > + /* the child entry is not needed) */ > #define FILE_WRITE_DATA 0x00000002 /* Data can be written to the file */ > + /* or new file can be created in */ > + /* the directory */ > #define FILE_APPEND_DATA 0x00000004 /* Data can be appended to the file */ > + /* (for non-local files over SMB it */ > + /* is same as FILE_WRITE_DATA) */ > + /* or new subdirectory can be */ > + /* created in the directory */ > #define FILE_READ_EA 0x00000008 /* Extended attributes associated */ > /* with the file can be read */ > #define FILE_WRITE_EA 0x00000010 /* Extended attributes associated */ > /* with the file can be written */ > #define FILE_EXECUTE 0x00000020 /*Data can be read into memory from */ > /* the file using system paging I/O */ > -#define FILE_DELETE_CHILD 0x00000040 > + /* for executing the file / script */ > + /* or right to traverse directory */ > + /* (but by default all users have */ > + /* bypass traverse privilege and do */ > + /* not need this permission at all) */ > +#define FILE_DELETE_CHILD 0x00000040 /* Child entry can be deleted from */ > + /* the directory (so the DELETE on */ > + /* the child entry is not needed) */ > #define FILE_READ_ATTRIBUTES 0x00000080 /* Attributes associated with the */ > - /* file can be read */ > + /* file or directory can be read */ > #define FILE_WRITE_ATTRIBUTES 0x00000100 /* Attributes associated with the */ > - /* file can be written */ > -#define DELETE 0x00010000 /* The file can be deleted */ > -#define READ_CONTROL 0x00020000 /* The access control list and */ > - /* ownership associated with the */ > - /* file can be read */ > -#define WRITE_DAC 0x00040000 /* The access control list and */ > - /* ownership associated with the */ > - /* file can be written. */ > + /* file or directory can be written */ > +#define DELETE 0x00010000 /* The file or dir can be deleted */ > +#define READ_CONTROL 0x00020000 /* The discretionary access control */ > + /* list and ownership associated */ > + /* with the file or dir can be read */ > +#define WRITE_DAC 0x00040000 /* The discretionary access control */ > + /* list associated with the file or */ > + /* directory can be written */ > #define WRITE_OWNER 0x00080000 /* Ownership information associated */ > - /* with the file can be written */ > + /* with the file/dir can be written */ > #define SYNCHRONIZE 0x00100000 /* The file handle can waited on to */ > /* synchronize with the completion */ > /* of an input/output request */ > #define SYSTEM_SECURITY 0x01000000 /* The system access control list */ > - /* can be read and changed */ > -#define MAXIMUM_ALLOWED 0x02000000 > -#define GENERIC_ALL 0x10000000 > -#define GENERIC_EXECUTE 0x20000000 > -#define GENERIC_WRITE 0x40000000 > -#define GENERIC_READ 0x80000000 > + /* list associated with the file or */ > + /* dir can be read or written */ > + /* (cannot be in DACL, can in SACL) */ > +#define MAXIMUM_ALLOWED 0x02000000 /* Maximal subset of GENERIC_ALL */ > + /* permissions which can be granted */ > + /* (cannot be in DACL nor SACL) */ > +#define GENERIC_ALL 0x10000000 /* Same as: GENERIC_EXECUTE | */ > + /* GENERIC_WRITE | */ > + /* GENERIC_READ | */ > + /* FILE_DELETE_CHILD | */ > + /* DELETE | */ > + /* WRITE_DAC | */ > + /* WRITE_OWNER */ > + /* So GENERIC_ALL contains all bits */ > + /* mentioned above except these two */ > + /* SYSTEM_SECURITY MAXIMUM_ALLOWED */ > +#define GENERIC_EXECUTE 0x20000000 /* Same as: FILE_EXECUTE | */ > + /* FILE_READ_ATTRIBUTES | */ > + /* READ_CONTROL | */ > + /* SYNCHRONIZE */ > +#define GENERIC_WRITE 0x40000000 /* Same as: FILE_WRITE_DATA | */ > + /* FILE_APPEND_DATA | */ > + /* FILE_WRITE_EA | */ > + /* FILE_WRITE_ATTRIBUTES | */ > + /* READ_CONTROL | */ > + /* SYNCHRONIZE */ > +#define GENERIC_READ 0x80000000 /* Same as: FILE_READ_DATA | */ > + /* FILE_READ_EA | */ > + /* FILE_READ_ATTRIBUTES | */ > + /* READ_CONTROL | */ > + /* SYNCHRONIZE */ > /* In summary - Relevant file */ > /* access flags from CIFS are */ > /* file_read_data, file_write_data */ > -- > 2.20.1 >
Powered by blists - more mailing lists