diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2010-08-27 12:19:09 +1000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2010-09-11 18:46:08 +1000 |
| commit | cbd72ab93bc35aa71a55b190cd999dda4106be07 (patch) | |
| tree | 72327385378a4efdd39c2a4f46b096f33a5b11cc /libcli/security/privileges.h | |
| parent | 33ce8633d6a5e5cc54209c92397025114f0a46ea (diff) | |
| download | samba-cbd72ab93bc35aa71a55b190cd999dda4106be07.tar.gz samba-cbd72ab93bc35aa71a55b190cd999dda4106be07.tar.bz2 samba-cbd72ab93bc35aa71a55b190cd999dda4106be07.zip | |
libcli/security Don't export privs[] as a global variable
Instead, provide access functions for the LSA and net sam callers
for the information they need.
They still only enumerate the first 8 privileges that have traditionally
been exposed.
Andrew Bartlett
Signed-off-by: Andrew Tridgell <tridge@samba.org>
Diffstat (limited to 'libcli/security/privileges.h')
| -rw-r--r-- | libcli/security/privileges.h | 25 |
1 files changed, 8 insertions, 17 deletions
diff --git a/libcli/security/privileges.h b/libcli/security/privileges.h index e1cfbbb404..e715c468c2 100644 --- a/libcli/security/privileges.h +++ b/libcli/security/privileges.h @@ -63,13 +63,6 @@ typedef struct { struct lsa_LUIDAttribute *set; } PRIVILEGE_SET; -typedef struct { - enum sec_privilege luid; - uint64_t privilege_mask; - const char *name; - const char *description; -} PRIVS; - /*************************************************************************** copy an uint64_t structure ****************************************************************************/ @@ -137,18 +130,11 @@ bool user_has_privileges(const struct security_token *token, const uint64_t *pri bool user_has_any_privilege(struct security_token *token, const uint64_t *privilege_mask); /******************************************************************* - return the number of elements in the privlege array + return the number of elements in the 'short' privlege array (traditional source3 behaviour) *******************************************************************/ -int count_all_privileges( void ); - -/********************************************************************* - Generate the struct lsa_LUIDAttribute structure based on a bitmask - The assumption here is that the privilege has already been validated - so we are guaranteed to find it in the list. -*********************************************************************/ +int num_privileges_in_short_list( void ); -enum sec_privilege get_privilege_luid( uint64_t *privilege_mask ); /**************************************************************************** Convert a LUID to a named string ****************************************************************************/ @@ -181,11 +167,16 @@ enum sec_privilege sec_privilege_id(const char *name); enum sec_privilege sec_privilege_from_mask(uint64_t mask); /* - map a privilege name to a privilege id. Return -1 if not found + assist in walking the table of privileges - return the LUID (low 32 bits) by index */ enum sec_privilege sec_privilege_from_index(int idx); /* + assist in walking the table of privileges - return the string constant by index +*/ +const char *sec_privilege_name_from_index(int idx); + +/* return true if a security_token has a particular privilege bit set */ bool security_token_has_privilege(const struct security_token *token, enum sec_privilege privilege); |