diff options
| author | Andrew Tridgell <tridge@samba.org> | 2009-10-16 10:01:28 +1100 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2009-10-16 10:12:18 +1100 |
| commit | 068e09847ad3e494a8b5176980b3c0d46ddf4618 (patch) | |
| tree | ea3e590d7f9e6d8162efc90193c362112ffc72ee | |
| parent | c35f18513ac804b6734630a943d70811bb8fb2d0 (diff) | |
| download | samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.tar.gz samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.tar.bz2 samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.zip | |
idl: added bit definition for privilege masks
When you have backup or restore privileges, you automatically get
extra access bits in ACL interpretation. This adds definitions for the
bits you get.
| -rw-r--r-- | librpc/gen_ndr/security.h | 4 | ||||
| -rw-r--r-- | librpc/idl/security.idl | 15 |
2 files changed, 19 insertions, 0 deletions
diff --git a/librpc/gen_ndr/security.h b/librpc/gen_ndr/security.h index 05df02ae8f..297ba18d7f 100644 --- a/librpc/gen_ndr/security.h +++ b/librpc/gen_ndr/security.h @@ -70,6 +70,10 @@ #define SEC_RIGHTS_DIR_WRITE ( SEC_RIGHTS_FILE_WRITE ) #define SEC_RIGHTS_DIR_EXECUTE ( SEC_RIGHTS_FILE_EXECUTE ) #define SEC_RIGHTS_DIR_ALL ( SEC_RIGHTS_FILE_ALL ) +#define SEC_RIGHTS_PRIV_BACKUP ( SEC_STD_READ_CONTROL|SEC_FLAG_SYSTEM_SECURITY|SEC_GENERIC_READ ) +#define SEC_RIGHTS_DIR_PRIV_BACKUP ( SEC_RIGHTS_PRIV_BACKUP|SEC_DIR_TRAVERSE ) +#define SEC_RIGHTS_PRIV_RESTORE ( SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_FLAG_SYSTEM_SECURITY|SEC_STD_DELETE ) +#define SEC_RIGHTS_DIR_PRIV_RESTORE ( SEC_RIGHTS_PRIV_RESTORE|SEC_DIR_ADD_FILE|SEC_DIR_ADD_SUBDIR ) #define STANDARD_RIGHTS_ALL_ACCESS ( SEC_STD_ALL ) #define STANDARD_RIGHTS_MODIFY_ACCESS ( SEC_STD_READ_CONTROL ) #define STANDARD_RIGHTS_EXECUTE_ACCESS ( SEC_STD_READ_CONTROL ) diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 96d24b6685..c24dc64bd7 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -144,6 +144,21 @@ interface security const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE; const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL; + /* rights granted by some specific privileges */ + const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL | + SEC_FLAG_SYSTEM_SECURITY | + SEC_GENERIC_READ; + const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP + | SEC_DIR_TRAVERSE; + + const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | + SEC_STD_WRITE_OWNER | + SEC_FLAG_SYSTEM_SECURITY | + SEC_STD_DELETE; + const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE | + SEC_DIR_ADD_FILE | + SEC_DIR_ADD_SUBDIR; + /* combinations of standard masks. */ const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */ const int STANDARD_RIGHTS_MODIFY_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */ |