summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-06-28 22:39:18 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:58:06 -0500
commite4a11ba5853ff323e3fcb989dfdbf7e7c11717ec (patch)
treecbd486a91d155e8f1cd7aa97fb2ca4ce2943d56b
parent9b782f49350bd7682ad3270bf585b9af15669245 (diff)
downloadsamba-e4a11ba5853ff323e3fcb989dfdbf7e7c11717ec.tar.gz
samba-e4a11ba5853ff323e3fcb989dfdbf7e7c11717ec.tar.bz2
samba-e4a11ba5853ff323e3fcb989dfdbf7e7c11717ec.zip
r7987: map generic bits to specific bits in open requests
(This used to be commit 7764e8a6775ead942d8ceac89cbcb947136bf7fa)
-rw-r--r--source3/rpc_server/srv_reg_nt.c7
1 files changed, 4 insertions, 3 deletions
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c
index 4603bb077b..158888967b 100644
--- a/source3/rpc_server/srv_reg_nt.c
+++ b/source3/rpc_server/srv_reg_nt.c
@@ -41,7 +41,7 @@
/* no idea if this is correct, just use the file access bits for now */
-struct generic_mapping reg_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL };
+static struct generic_mapping reg_generic_map = { REG_KEY_READ, REG_KEY_WRITE, REG_KEY_EXECUTE, REG_KEY_ALL };
/********************************************************************
********************************************************************/
@@ -51,6 +51,7 @@ NTSTATUS registry_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
{
NTSTATUS result;
+ se_map_generic( &access_desired, &reg_generic_map );
se_access_check( sec_desc, token, access_desired, access_granted, &result );
return result;
@@ -1020,12 +1021,12 @@ static WERROR make_default_reg_sd( TALLOC_CTX *ctx, SEC_DESC **psd )
/* basic access for Everyone */
- init_sec_access(&mask, reg_map.generic_execute | reg_map.generic_read );
+ init_sec_access(&mask, reg_generic_map.generic_execute | reg_generic_map.generic_read );
init_sec_ace(&ace[0], &global_sid_World, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);
/* add Full Access 'BUILTIN\Administrators' */
- init_sec_access(&mask, reg_map.generic_all);
+ init_sec_access(&mask, reg_generic_map.generic_all);
sid_copy(&adm_sid, &global_sid_Builtin);
sid_append_rid(&adm_sid, BUILTIN_ALIAS_RID_ADMINS);
init_sec_ace(&ace[1], &adm_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, mask, 0);