summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2012-12-11 03:17:42 +0100
committerMichael Adam <obnox@samba.org>2012-12-11 04:49:48 +0100
commitd20c46a520a7e39dd87476cd81edab56b5543892 (patch)
tree95eba747f9f6a56382438359eddb62c0339e34b3
parent75729e6703c5b5dff7feefed590086898fc03c74 (diff)
downloadsamba-d20c46a520a7e39dd87476cd81edab56b5543892.tar.gz
samba-d20c46a520a7e39dd87476cd81edab56b5543892.tar.bz2
samba-d20c46a520a7e39dd87476cd81edab56b5543892.zip
libcli/security: calculate the correct inherited_object GUID
Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Michael Adam <obnox@samba.org>
-rw-r--r--libcli/security/create_descriptor.c8
1 files changed, 7 insertions, 1 deletions
diff --git a/libcli/security/create_descriptor.c b/libcli/security/create_descriptor.c
index 1456d84e57..42ca1a7ecc 100644
--- a/libcli/security/create_descriptor.c
+++ b/libcli/security/create_descriptor.c
@@ -186,7 +186,13 @@ static struct security_acl *calculate_inherited_from_parent(TALLOC_CTX *mem_ctx,
if (ace->type == SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT ||
ace->type == SEC_ACE_TYPE_ACCESS_DENIED_OBJECT) {
- if (!object_in_list(object_list, &ace->object.object.type.type)) {
+ struct GUID inherited_object = GUID_zero();
+
+ if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) {
+ inherited_object = ace->object.object.inherited_type.inherited_type;
+ }
+
+ if (!object_in_list(object_list, &inherited_object)) {
tmp_acl->aces[tmp_acl->num_aces].flags |= SEC_ACE_FLAG_INHERIT_ONLY;
}