summaryrefslogtreecommitdiff
path: root/nsswitch/winbind_nss_netbsd.c
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2010-10-07 16:56:36 -0700
committerJeremy Allison <jra@samba.org>2010-10-08 00:37:53 +0000
commitcd04af78d51121cc16453fcd52e0d4c3516bc3c5 (patch)
tree5c928dbd4b16aa4af2d5b7958bbedf869aab5024 /nsswitch/winbind_nss_netbsd.c
parentfd9effce2bb981207a0662707c30e50100059c06 (diff)
downloadsamba-cd04af78d51121cc16453fcd52e0d4c3516bc3c5.tar.gz
samba-cd04af78d51121cc16453fcd52e0d4c3516bc3c5.tar.bz2
samba-cd04af78d51121cc16453fcd52e0d4c3516bc3c5.zip
Fix bug 7716 - acl_xattr and acl_tdb modules don't store unmodified copies of security descriptors.
As pointed out by an OEM, the code within smbd/posix_acl.c, even though passed a const pointer to a security descriptor, still modifies the ACE entries within it (which are not const pointers). This means ACLs stored in the extended attribute by the acl_xattr module have already been modified by the POSIX acl layer, and are not the original intent of storing the "unmodified" ACL from the client. Use dup_sec_desc to make a copy of the incoming ACL on talloc_tos() - that is what is then modified inside smbd/posix_acl.c, leaving the original ACL to be correctly stored in the xattr. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Fri Oct 8 00:37:53 UTC 2010 on sn-devel-104
Diffstat (limited to 'nsswitch/winbind_nss_netbsd.c')
0 files changed, 0 insertions, 0 deletions