author | Jeremy Allison <jra@samba.org> | 2012-04-17 12:30:15 -0700 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2012-05-01 01:04:46 +0200 |
commit | 6f3e011f84140cad4401ce898450ddb158efa2ed (patch) | |
tree | 021716d215fc771321ec1f84df56df00c638c1f6 | |
parent | 1270cfb45ffa0bbcacf7254b5b45f492a8dcde77 (diff) | |
Fix bug #8873 - self granting privileges in security=ads.
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Tue May 1 01:04:46 CEST 2012 on sn-devel-104
-rw-r--r-- | source3/rpc_server/lsa/srv_lsa_nt.c | 16 |
1 files changed, 12 insertions, 4 deletions
diff --git a/source3/rpc_server/lsa/srv_lsa_nt.c b/source3/rpc_server/lsa/srv_lsa_nt.c
index 48bdfdb8ad..f1605afc6d 100644
--- a/source3/rpc_server/lsa/srv_lsa_nt.c
+++ b/source3/rpc_server/lsa/srv_lsa_nt.c
@@ -2725,6 +2725,10 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p,
 uint32_t acc_granted;
 struct security_descriptor *psd;
 size_t sd_size;
+ uint32_t owner_access = (LSA_ACCOUNT_ALL_ACCESS & ~(LSA_ACCOUNT_ADJUST_PRIVILEGES| LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS| SEC_STD_DELETE));
 /* find the connection policy handle. */
 if (!find_policy_by_hnd(p, r->in.handle, (void **)(void *)&handle))
@@ -2750,7 +2754,7 @@ NTSTATUS _lsa_CreateAccount(struct pipes_struct *p,
 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size, &lsa_account_mapping,
- r->in.sid, LSA_POLICY_ALL_ACCESS);
+ r->in.sid, owner_access);
 if (!NT_STATUS_IS_OK(status)) {
 return status;
 }
@@ -2791,6 +2795,10 @@ NTSTATUS _lsa_OpenAccount(struct pipes_struct *p,
 size_t sd_size;
 uint32_t des_access = r->in.access_mask;
 uint32_t acc_granted;
+ uint32_t owner_access = (LSA_ACCOUNT_ALL_ACCESS & ~(LSA_ACCOUNT_ADJUST_PRIVILEGES| LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS| SEC_STD_DELETE));
 NTSTATUS status;
 /* find the connection policy handle. */
@@ -2815,7 +2823,7 @@ NTSTATUS _lsa_OpenAccount(struct pipes_struct *p,
 /* get the generic lsa account SD until we store it */
 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size, &lsa_account_mapping,
- r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
+ r->in.sid, owner_access);
 if (!NT_STATUS_IS_OK(status)) {
 return status;
 }
@@ -3174,7 +3182,7 @@ NTSTATUS _lsa_AddAccountRights(struct pipes_struct *p,
 /* get the generic lsa account SD for this SID until we store it */
 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size, &lsa_account_mapping,
- r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
+ NULL, 0);
 if (!NT_STATUS_IS_OK(status)) {
 return status;
 }
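Review bot: The new `owner_access` mask declared in `_lsa_CreateAccount` is repeated character for character in `_lsa_OpenAccount` later in this diff, so the two copies can drift apart the next time one of them is touched; define it once at file scope, e.g. `#define LSA_ACCOUNT_OWNER_ACCESS (LSA_ACCOUNT_ALL_ACCESS & ~(LSA_ACCOUNT_ADJUST_PRIVILEGES|LSA_ACCOUNT_ADJUST_SYSTEM_ACCESS|SEC_STD_DELETE))`, and use it in both functions. The definition also needs a why-comment, since nothing in the hunk says that these three rights are withheld precisely so a SID cannot grant privileges to its own account object, such as `/* An account may read itself but must never adjust its own privileges or system access, nor delete itself (bug #8873). */`. Note that the value this mask replaces in the following hunk was `LSA_POLICY_ALL_ACCESS`, a policy-object mask applied to an account SD, so the change also corrects a mask-class mix-up that the commit message does not mention. `_lsa_CreateAccount` begins before this hunk and continues past it, so the access check that consumes the resulting SD is not visible here.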
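Review bot: The `owner_access` mask in `_lsa_OpenAccount` withholds `SEC_STD_DELETE` but none of the other standard rights; the fact that DELETE has to be subtracted explicitly suggests `LSA_ACCOUNT_ALL_ACCESS` carries the standard rights, in which case the matching write-DAC and write-owner bits stay granted to the SID on its own account object. While the SD is rebuilt on every call (the next hunk's context line still reads `until we store it`) a self-made DACL change cannot persist, but if account SDs are ever stored a SID could rewrite its own DACL and re-grant itself ADJUST_PRIVILEGES, reopening bug #8873 by another path. Either mask those bits now alongside the three already listed, or record the assumption beside the declaration: `/* NOTE: WRITE_DAC/WRITE_OWNER are left in; safe only while this SD is generated per call and never stored. */`. The requested `des_access` comes straight from the client (`r->in.access_mask`), and its comparison against this SD happens outside the hunk.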
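Review bot: The `NULL, 0` passed to `make_lsa_object_sd` in `_lsa_AddAccountRights` relies on that function accepting a NULL SID and emitting no per-SID ACE; its body is not in this diff, so that contract should be confirmed and stated at the call site rather than left implicit. The only explanation of why the target SID now gets no access of its own to the account object is the commit title, so add it inline above the call: `/* No per-SID grant: the account itself must never be able to add privileges to itself (bug #8873); only callers admitted by lsa_account_mapping's generic SD may. */`. Whether the later access check still demands LSA_ACCOUNT_ADJUST_PRIVILEGES against this SD cannot be seen from the hunk, as the rest of `_lsa_AddAccountRights` lies outside it.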
@@ -3245,7 +3253,7 @@ NTSTATUS _lsa_RemoveAccountRights(struct pipes_struct *p,
 /* get the generic lsa account SD for this SID until we store it */
 status = make_lsa_object_sd(p->mem_ctx, &psd, &sd_size, &lsa_account_mapping,
- r->in.sid, LSA_ACCOUNT_ALL_ACCESS);
+ NULL, 0);
 if (!NT_STATUS_IS_OK(status)) {
 return status;
 } |
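Review bot: The context comment `/* get the generic lsa account SD for this SID until we store it */` in `_lsa_RemoveAccountRights` is now misleading, because the call directly beneath it no longer passes a SID at all (`NULL, 0`), and a reader will assume the SID still receives an ACE. Reword it to `/* get the generic lsa account SD (no per-SID grant: a SID may not remove rights from its own account, bug #8873) until we store it */`; the identical comment in `_lsa_AddAccountRights` has the same problem. `_lsa_RemoveAccountRights` begins before this hunk and its access check follows after it, so only the SD construction is reviewed here.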