diff options
author | Jeremy Allison <jra@samba.org> | 2004-05-18 00:26:06 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:51:36 -0500 |
commit | 49f95e6d27ac9476e8308e53629e8ae4908957c6 (patch) | |
tree | 7e43e6f0404af579d693d49b3880a7fcb722ee18 | |
parent | 8b9a044b58cfcf070d5158ffc4533d2a27226e44 (diff) | |
download | samba-49f95e6d27ac9476e8308e53629e8ae4908957c6.tar.gz samba-49f95e6d27ac9476e8308e53629e8ae4908957c6.tar.bz2 samba-49f95e6d27ac9476e8308e53629e8ae4908957c6.zip |
r762: Fix for #1319 when security > share.
Jeremy.
(This used to be commit 9fe2240d6b68a2f8a495df585d69ae20c9825d77)
-rw-r--r-- | source3/smbd/uid.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 3859298055..e1864c74ca 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -189,20 +189,26 @@ BOOL change_to_user(connection_struct *conn, uint16 vuid) snum = SNUM(conn); + if ((vuser) && !check_user_ok(conn, vuser, snum)) { + DEBUG(2,("change_to_user: SMB user %s (unix user %s, vuid %d) not permitted access to share %s.\n", + vuser->user.smb_name, vuser->user.unix_name, vuid, lp_servicename(snum))); + return False; + } + if (conn->force_user) /* security = share sets this too */ { uid = conn->uid; gid = conn->gid; current_user.groups = conn->groups; current_user.ngroups = conn->ngroups; token = conn->nt_user_token; - } else if ((vuser) && check_user_ok(conn, vuser, snum)) { + } else if (vuser) { uid = conn->admin_user ? 0 : vuser->uid; gid = vuser->gid; current_user.ngroups = vuser->n_groups; current_user.groups = vuser->groups; token = vuser->nt_user_token; } else { - DEBUG(2,("change_to_user: Invalid vuid used %d or vuid not permitted access to share.\n",vuid)); + DEBUG(2,("change_to_user: Invalid vuid used %d in accessing share %s.\n",vuid, lp_servicename(snum) )); return False; } |