Fix security issues when copying groupfolder with advanced ACL

Using advanced ACL, it is possible that an user has access to a directory but not to a subdirectory, so the copying use Common::copyFromStorage instead of Local::copyFromStorage. Fix https://github.com/nextcloud/groupfolders/issues/1692 Signed-off-by: Carl Schwan <carl@carlschwan.eu>
author: Carl Schwan <carl@carlschwan.eu> 2021-10-21 17:57:07 +0300
committer: backportbot[bot] <backportbot[bot]@users.noreply.github.com> 2021-10-21 19:34:46 +0300
commit: ec8b2a90e6217e44736e33d924da06bcd35bbca0 (patch)
tree: 60837e1913f87664ab2883993064a64f1c508cdf /lib/private
parent: 6b0bdf192c3b512a35695ef3a257f94241b3377d (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/private/Files/Storage/Local.php b/lib/private/Files/Storage/Local.php
index 0032ca46446..22c9418d19f 100644
--- a/lib/private/Files/Storage/Local.php
+++ b/lib/private/Files/Storage/Local.php
@@ -525,7 +525,10 @@ class Local extends \OC\Files\Storage\Common {
 	 * @return bool
 	 */
 	public function copyFromStorage(IStorage $sourceStorage, $sourceInternalPath, $targetInternalPath, $preserveMtime = false) {
-		if ($sourceStorage->instanceOfStorage(Local::class)) {
+		// Don't treat ACLStorageWrapper like local storage where copy can be done directly.
+		// Instead use the slower recursive copying in php from Common::copyFromStorage with
+		// more permissions checks.
+		if ($sourceStorage->instanceOfStorage(Local::class) && !$sourceStorage->instanceOfStorage('OCA\GroupFolders\ACL\ACLStorageWrapper')) {
 			if ($sourceStorage->instanceOfStorage(Jail::class)) {
 				/**
 				 * @var \OC\Files\Storage\Wrapper\Jail $sourceStorage
author	Carl Schwan <carl@carlschwan.eu>	2021-10-21 17:57:07 +0300
committer	backportbot[bot] <backportbot[bot]@users.noreply.github.com>	2021-10-21 19:34:46 +0300
commit	ec8b2a90e6217e44736e33d924da06bcd35bbca0 (patch)
tree	60837e1913f87664ab2883993064a64f1c508cdf /lib/private
parent	6b0bdf192c3b512a35695ef3a257f94241b3377d (diff)