diff options
| author | Andrew Tridgell <tridge@samba.org> | 2009-10-16 10:01:28 +1100 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2009-10-16 10:12:18 +1100 |
| commit | 068e09847ad3e494a8b5176980b3c0d46ddf4618 (patch) | |
| tree | ea3e590d7f9e6d8162efc90193c362112ffc72ee /librpc | |
| parent | c35f18513ac804b6734630a943d70811bb8fb2d0 (diff) | |
| download | samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.tar.gz samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.tar.bz2 samba-068e09847ad3e494a8b5176980b3c0d46ddf4618.zip | |
idl: added bit definition for privilege masks
When you have backup or restore privileges, you automatically get
extra access bits in ACL interpretation. This adds definitions for the
bits you get.
Diffstat (limited to 'librpc')
| -rw-r--r-- | librpc/gen_ndr/security.h | 4 | ||||
| -rw-r--r-- | librpc/idl/security.idl | 15 |
2 files changed, 19 insertions, 0 deletions
diff --git a/librpc/gen_ndr/security.h b/librpc/gen_ndr/security.h index 05df02ae8f..297ba18d7f 100644 --- a/librpc/gen_ndr/security.h +++ b/librpc/gen_ndr/security.h @@ -70,6 +70,10 @@ #define SEC_RIGHTS_DIR_WRITE ( SEC_RIGHTS_FILE_WRITE ) #define SEC_RIGHTS_DIR_EXECUTE ( SEC_RIGHTS_FILE_EXECUTE ) #define SEC_RIGHTS_DIR_ALL ( SEC_RIGHTS_FILE_ALL ) +#define SEC_RIGHTS_PRIV_BACKUP ( SEC_STD_READ_CONTROL|SEC_FLAG_SYSTEM_SECURITY|SEC_GENERIC_READ ) +#define SEC_RIGHTS_DIR_PRIV_BACKUP ( SEC_RIGHTS_PRIV_BACKUP|SEC_DIR_TRAVERSE ) +#define SEC_RIGHTS_PRIV_RESTORE ( SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_FLAG_SYSTEM_SECURITY|SEC_STD_DELETE ) +#define SEC_RIGHTS_DIR_PRIV_RESTORE ( SEC_RIGHTS_PRIV_RESTORE|SEC_DIR_ADD_FILE|SEC_DIR_ADD_SUBDIR ) #define STANDARD_RIGHTS_ALL_ACCESS ( SEC_STD_ALL ) #define STANDARD_RIGHTS_MODIFY_ACCESS ( SEC_STD_READ_CONTROL ) #define STANDARD_RIGHTS_EXECUTE_ACCESS ( SEC_STD_READ_CONTROL ) diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl index 96d24b6685..c24dc64bd7 100644 --- a/librpc/idl/security.idl +++ b/librpc/idl/security.idl @@ -144,6 +144,21 @@ interface security const int SEC_RIGHTS_DIR_EXECUTE = SEC_RIGHTS_FILE_EXECUTE; const int SEC_RIGHTS_DIR_ALL = SEC_RIGHTS_FILE_ALL; + /* rights granted by some specific privileges */ + const int SEC_RIGHTS_PRIV_BACKUP = SEC_STD_READ_CONTROL | + SEC_FLAG_SYSTEM_SECURITY | + SEC_GENERIC_READ; + const int SEC_RIGHTS_DIR_PRIV_BACKUP = SEC_RIGHTS_PRIV_BACKUP + | SEC_DIR_TRAVERSE; + + const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | + SEC_STD_WRITE_OWNER | + SEC_FLAG_SYSTEM_SECURITY | + SEC_STD_DELETE; + const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE | + SEC_DIR_ADD_FILE | + SEC_DIR_ADD_SUBDIR; + /* combinations of standard masks. */ const int STANDARD_RIGHTS_ALL_ACCESS = SEC_STD_ALL; /* 0x001f0000 */ const int STANDARD_RIGHTS_MODIFY_ACCESS = SEC_STD_READ_CONTROL; /* 0x00020000 */ |