diff options
| author | Gerald Carter <jerry@samba.org> | 2006-01-13 20:26:59 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:06:07 -0500 |
| commit | bb59be3e0d2687fd2a59e831f7efdb34e5ee5d3d (patch) | |
| tree | 95031322d12161304aae5fa97123681ecc3430ed | |
| parent | e7a1a0ead2013464dc8204e5b997ddc3ae46e973 (diff) | |
| download | samba-bb59be3e0d2687fd2a59e831f7efdb34e5ee5d3d.tar.gz samba-bb59be3e0d2687fd2a59e831f7efdb34e5ee5d3d.tar.bz2 samba-bb59be3e0d2687fd2a59e831f7efdb34e5ee5d3d.zip | |
r12915: protect against changing the SCM security descriptor
(This used to be commit 5842da99681c15437c11e9925dec24c8c0e3708a)
| -rw-r--r-- | source3/rpc_server/srv_svcctl_nt.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c index 4db8f7ed3f..049bdf6075 100644 --- a/source3/rpc_server/srv_svcctl_nt.c +++ b/source3/rpc_server/srv_svcctl_nt.c @@ -828,6 +828,11 @@ WERROR _svcctl_set_service_sec( pipes_struct *p, SVCCTL_Q_SET_SERVICE_SEC *q_u, if ( !info || !(info->type & (SVC_HANDLE_IS_SERVICE|SVC_HANDLE_IS_SCM)) ) return WERR_BADFID; + /* can't set the security de4scriptor on the ServiceControlManager */ + + if ( info->type == SVC_HANDLE_IS_SCM ) + return WERR_ACCESS_DENIED; + /* check the access on the open handle */ switch ( q_u->security_flags ) { |