diff options
| author | Andrew Tridgell <tridge@samba.org> | 2010-10-14 13:32:17 +1100 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2010-10-14 03:16:41 +0000 |
| commit | 40a6e019fdb9ed3d736883b7ba349a976f215208 (patch) | |
| tree | 8b83bf8669a19b918155c8c852b5c7baf256826c /libcli | |
| parent | f7ffc12e2d43bd2dddb0a29eb778ff69a6b2802d (diff) | |
| download | samba-40a6e019fdb9ed3d736883b7ba349a976f215208.tar.gz samba-40a6e019fdb9ed3d736883b7ba349a976f215208.tar.bz2 samba-40a6e019fdb9ed3d736883b7ba349a976f215208.zip | |
security: ensure the merge of libcli/security doesn't change s3 behaviour
Jeremy, you put a #if 0 around this logic in this commit:
8344e945 (Jeremy Allison 2008-10-31 10:51:45 -0700 181)
is this still needed?
Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Thu Oct 14 03:16:41 UTC 2010 on sn-devel-104
Diffstat (limited to 'libcli')
| -rw-r--r-- | libcli/security/access_check.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/libcli/security/access_check.c b/libcli/security/access_check.c index e7c48cae08..35ee05716e 100644 --- a/libcli/security/access_check.c +++ b/libcli/security/access_check.c @@ -179,6 +179,10 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, bits_remaining)); } +#if (_SAMBA_BUILD_ >= 4) + /* s3 had this with #if 0 previously. To be sure the merge + doesn't change any behaviour, we have the above #if check + on _SAMBA_BUILD_. */ if (access_desired & SEC_FLAG_SYSTEM_SECURITY) { if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) { bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY; @@ -186,6 +190,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, return NT_STATUS_PRIVILEGE_NOT_HELD; } } +#endif /* a NULL dacl allows access */ if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) { |