Date: Mon, 9 Dec 2024 12:11:56 +0100
To: cygwin@cygwin.com
Subject: Re: SMBFS mount's file cannot be made executable
Message-ID: <Z1bQfIgv7MIDL1fB@calimero.vinschen.de>
From: Corinna Vinschen via Cygwin <cygwin@cygwin.com>

On Dec  8 08:13, Takashi Yano via Cygwin wrote:
> On Tue, 19 Nov 2024 21:54:44 +0100
> Corinna Vinschen wrote:
> > No, we can't do that, it's too simple.
> > 
> > Just kidding.
> > 
> > This is so simple, I'm puzzled we never tried that before.  Or, if we
> > did, it's a loooong time ago...
> > 
> > If we really do this, we don't even need to call get_file_sd().  And it
> > should use NtOpenFile and reopen semantics i.e.  pc.init_reopen_attr().
> > Also, the sharing flags should allow all access.  And the `effective'
> > argument needs to be taken into account.
> 
> I have a question. What is pc.init_reopen_attr() for? I tested with
> pc.get_object_attr() instead, it works.

init_reopen_attr() uses the "open by handle" functionality as in the
Win32 API ReOpenFile().  It only does so if the filesystem supports it.
Samba usually does, so it's not clear to me why pc.init_reopen_attr()
fails for you.

> What handle should I pass to pc.init_reopen_attr()?

You could pass pc.handle().  Is pc.handle() in this scenario NULL,
perhaps?

> @@ -709,12 +615,44 @@ check_file_access (path_conv &pc, int flags, bool effective)
>      desired |= FILE_WRITE_DATA;
>    if (flags & X_OK)
>      desired |= FILE_EXECUTE;
> -  if (!get_file_sd (pc.handle (), pc, sd, false))
> +
> +  NTSTATUS status;
> +  if (!effective && cygheap->user.issetuid ())
> +    {
> +      /* Strip impersonation token temporarily */
> +      HANDLE tok = NO_IMPERSONATION;
> +      status = NtSetInformationThread (GetCurrentThread (),
> +				       ThreadImpersonationToken,
> +				       &tok, sizeof (tok));
> +      if (!NT_SUCCESS (status))
> +	{
> +	  debug_printf("NtSetInformationThread() for stripping "
> +		       "impersonation token failed: %y", status);
> +	  __seterrno_from_nt_status (status);
> +	  return ret;
> +	}
> +    }
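
Review bot: The debug_printf( call in the failure branch is missing the space before the opening parenthesis that the rest of the hunk uses (NT_SUCCESS (status), GetCurrentThread ()); write debug_printf ("...") to match. Separately, once this block has cleared the thread's impersonation token, every exit between here and the restore block must put the token back first, because a thread with no impersonation token runs under the process token; a one-line comment stating that invariant would help future edits.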

You can simplify this:

	if (!effective)
	  cygheap->user.deimpersonate ();
   
> +  if (!effective && cygheap->user.issetuid ())
> +    {
> +      /* Recover impersonation token */
> +      HANDLE tok = cygheap->user.imp_token () ?: hProcImpToken;
> +      status = NtSetInformationThread (GetCurrentThread (),
> +				       ThreadImpersonationToken,
> +				       &tok, sizeof (tok));
> +      if (!NT_SUCCESS (status))
> +	debug_printf("NtSetInformationThread() for recovering "
> +		     "impersonation token failed: %y", status);
>      }
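
Review bot: In the restore block, a failed NtSetInformationThread() is only reported through debug_printf, so the function carries on with the thread still stripped of its impersonation token. For a setuid caller (issetuid () is true here) that means later operations run under the process token instead of the impersonated user. Consider treating the failure as an error, for example calling __seterrno_from_nt_status (status) as the strip block does and failing the call, or add a comment explaining why ignoring it is safe.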

And this:

	if (!effective)
	  cygheap->user.reimpersonate ();

But please let's move to cygwin-patches for this.


Thanks,
Corinna

