summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTim Potter <tpot@samba.org>2002-09-15 23:40:55 +0000
committerTim Potter <tpot@samba.org>2002-09-15 23:40:55 +0000
commitf3008f5463dbb7691ca32d48edaeb078e8846274 (patch)
tree895fdba8afbcfeed8d067d9d56cb3d5fd4823829
parent479e82b8d8413c88989dfb091c21a0ba003ed005 (diff)
downloadsamba-f3008f5463dbb7691ca32d48edaeb078e8846274.tar.gz
samba-f3008f5463dbb7691ca32d48edaeb078e8846274.tar.bz2
samba-f3008f5463dbb7691ca32d48edaeb078e8846274.zip
Merge of 'other_sids' patch from appliance.
(This used to be commit 7decd4b3a9e6900ab35f7bf5b266361f308aa58d)
-rw-r--r--source3/auth/auth_util.c23
1 files changed, 19 insertions, 4 deletions
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index 78dc0d4ee4..ca90fc6f72 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -983,7 +983,9 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
(*server_info)->n_groups = n_lgroupSIDs;
/* Create a 'combined' list of all SIDs we might want in the SD */
- all_group_SIDs = malloc(sizeof(DOM_SID) * (n_lgroupSIDs+info3->num_groups2));
+ all_group_SIDs = malloc(sizeof(DOM_SID) *
+ (n_lgroupSIDs + info3->num_groups2 +
+ info3->num_other_sids));
if (!all_group_SIDs) {
DEBUG(0, ("create_nt_token_info3: malloc() failed for DOM_SID list!\n"));
SAFE_FREE(lgroupSIDs);
@@ -1006,12 +1008,25 @@ NTSTATUS make_server_info_info3(TALLOC_CTX *mem_ctx,
}
}
+ /* Copy 'other' sids. We need to do sid filtering here to
+ prevent possible elevation of privileges. See:
+
+ http://www.microsoft.com/windows2000/techinfo/administration/security/sidfilter.asp
+ */
+
+ for (i = 0; i < info3->num_other_sids; i++)
+ sid_copy(&all_group_SIDs[
+ n_lgroupSIDs + info3->num_groups2 + i],
+ &info3->other_sids[i].sid);
+
/* Where are the 'global' sids... */
/* can the user be guest? if yes, where is it stored? */
- if (!NT_STATUS_IS_OK(nt_status = create_nt_user_token(&user_sid, &group_sid,
- n_lgroupSIDs+info3->num_groups2, all_group_SIDs,
- False, &token))) {
+ if (!NT_STATUS_IS_OK(
+ nt_status = create_nt_user_token(
+ &user_sid, &group_sid,
+ n_lgroupSIDs + info3->num_groups2 + info3->num_other_sids,
+ all_group_SIDs, False, &token))) {
DEBUG(4,("create_nt_user_token failed\n"));
SAFE_FREE(all_group_SIDs);
return nt_status;