summaryrefslogtreecommitdiff
path: root/librpc/idl
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2012-08-27 14:15:35 -0700
committerJeremy Allison <jra@samba.org>2012-08-31 20:29:13 -0700
commit69d925d110a23e9f1cf9e6013729eb611b8ab58a (patch)
treee3034c01dfa4adef6f0407b4307a55792c487b83 /librpc/idl
parent4d7dad13158fe6d998d7f63ed0f4ac7935a29bf8 (diff)
downloadsamba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.tar.gz
samba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.tar.bz2
samba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.zip
SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used anywhere. Remove (can re-add if needed).
Ensure the privilege rights are always specific rights, not generic. By the time the privilege rights are examined, we've already mapped from generic to specific in the access_mask.
Diffstat (limited to 'librpc/idl')
-rw-r--r--librpc/idl/security.idl15
1 files changed, 7 insertions, 8 deletions
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 5973fc5298..33085c4e14 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -147,19 +147,18 @@ interface security
const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL;
/* rights granted by some specific privileges */
- const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL |
+ const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL |
SEC_FLAG_SYSTEM_SECURITY |
- SEC_GENERIC_READ;
- const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP
- | SEC_DIR_TRAVERSE;
+ SEC_RIGHTS_FILE_READ |
+ SEC_DIR_TRAVERSE;
- const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC |
+ const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC |
SEC_STD_WRITE_OWNER |
SEC_FLAG_SYSTEM_SECURITY |
- SEC_STD_DELETE;
- const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE |
+ SEC_RIGHTS_FILE_WRITE |
SEC_DIR_ADD_FILE |
- SEC_DIR_ADD_SUBDIR;
+ SEC_DIR_ADD_SUBDIR |
+ SEC_STD_DELETE;
/* combinations of standard masks. */
const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */