diff options
author | Jeremy Allison <jra@samba.org> | 2012-08-27 14:15:35 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2012-08-31 20:29:13 -0700 |
commit | 69d925d110a23e9f1cf9e6013729eb611b8ab58a (patch) | |
tree | e3034c01dfa4adef6f0407b4307a55792c487b83 /librpc/idl | |
parent | 4d7dad13158fe6d998d7f63ed0f4ac7935a29bf8 (diff) | |
download | samba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.tar.gz samba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.tar.bz2 samba-69d925d110a23e9f1cf9e6013729eb611b8ab58a.zip |
SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used anywhere. Remove (can re-add if needed).
Ensure the privilege rights are always specific rights, not generic.
By the time the privilege rights are examined, we've already mapped
from generic to specific in the access_mask.
Diffstat (limited to 'librpc/idl')
-rw-r--r-- | librpc/idl/security.idl | 15 |
1 files changed, 7 insertions, 8 deletions
diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 5973fc5298..33085c4e14 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -147,19 +147,18 @@ interface security const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL; /* rights granted by some specific privileges */ - const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL | + const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL | SEC_FLAG_SYSTEM_SECURITY | - SEC_GENERIC_READ; - const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP - | SEC_DIR_TRAVERSE; + SEC_RIGHTS_FILE_READ | + SEC_DIR_TRAVERSE; - const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | + const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | SEC_STD_WRITE_OWNER | SEC_FLAG_SYSTEM_SECURITY | - SEC_STD_DELETE; - const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE | + SEC_RIGHTS_FILE_WRITE | SEC_DIR_ADD_FILE | - SEC_DIR_ADD_SUBDIR; + SEC_DIR_ADD_SUBDIR | + SEC_STD_DELETE; /* combinations of standard masks. */ const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */ |