73 lines
2.6 KiB
Diff
73 lines
2.6 KiB
Diff
From be504b486d78133fd28ad3d7adfe589a99338846 Mon Sep 17 00:00:00 2001
|
|
From: Andrew Bartlett <abartlet@samba.org>
|
|
Date: Thu, 21 Mar 2019 17:21:58 +1300
|
|
Subject: [PATCH 3/5] CVE-2019-3870 pysmbd: Include tests to show the outside
|
|
umask has no impact
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=13834
|
|
|
|
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
|
|
Reviewed-by: Jeremy Allison <jra@samba.org>
|
|
---
|
|
python/samba/tests/ntacls_backup.py | 13 +++++++++++++
|
|
python/samba/tests/smbd_base.py | 2 +-
|
|
selftest/knownfail.d/pymkdir-umask | 1 +
|
|
3 files changed, 15 insertions(+), 1 deletion(-)
|
|
create mode 100644 selftest/knownfail.d/pymkdir-umask
|
|
|
|
diff --git a/python/samba/tests/ntacls_backup.py b/python/samba/tests/ntacls_backup.py
|
|
index 763804fd63f..b7defd35903 100644
|
|
--- a/python/samba/tests/ntacls_backup.py
|
|
+++ b/python/samba/tests/ntacls_backup.py
|
|
@@ -112,6 +112,12 @@ class NtaclsBackupRestoreTests(SmbdBaseTests):
|
|
|
|
dirpath = os.path.join(self.service_root, 'a-dir')
|
|
smbd.mkdir(dirpath, self.service)
|
|
+ mode = os.stat(dirpath).st_mode
|
|
+
|
|
+ # This works in conjunction with the TEST_UMASK in smbd_base
|
|
+ # to ensure that permissions are not related to the umask
|
|
+ # but instead the smb.conf settings
|
|
+ self.assertEquals(mode & 0o777, 0o755)
|
|
self.assertTrue(os.path.isdir(dirpath))
|
|
|
|
def test_smbd_create_file(self):
|
|
@@ -123,6 +129,13 @@ class NtaclsBackupRestoreTests(SmbdBaseTests):
|
|
smbd.create_file(filepath, self.service)
|
|
self.assertTrue(os.path.isfile(filepath))
|
|
|
|
+ mode = os.stat(filepath).st_mode
|
|
+
|
|
+ # This works in conjunction with the TEST_UMASK in smbd_base
|
|
+ # to ensure that permissions are not related to the umask
|
|
+ # but instead the smb.conf settings
|
|
+ self.assertEquals(mode & 0o777, 0o644)
|
|
+
|
|
# As well as checking that unlink works, this removes the
|
|
# fake xattrs from the dev/inode based DB
|
|
smbd.unlink(filepath, self.service)
|
|
diff --git a/python/samba/tests/smbd_base.py b/python/samba/tests/smbd_base.py
|
|
index 4e5c3641e2c..b49bcc0828f 100644
|
|
--- a/python/samba/tests/smbd_base.py
|
|
+++ b/python/samba/tests/smbd_base.py
|
|
@@ -17,7 +17,7 @@
|
|
from samba.tests import TestCaseInTempDir
|
|
import os
|
|
|
|
-TEST_UMASK = 0o022
|
|
+TEST_UMASK = 0o042
|
|
|
|
class SmbdBaseTests(TestCaseInTempDir):
|
|
|
|
diff --git a/selftest/knownfail.d/pymkdir-umask b/selftest/knownfail.d/pymkdir-umask
|
|
new file mode 100644
|
|
index 00000000000..5af01be44e3
|
|
--- /dev/null
|
|
+++ b/selftest/knownfail.d/pymkdir-umask
|
|
@@ -0,0 +1 @@
|
|
+^samba.tests.ntacls_backup.samba.tests.ntacls_backup.NtaclsBackupRestoreTests.test_smbd_mkdir
|
|
\ No newline at end of file
|
|
--
|
|
2.11.0
|
|
|