summaryrefslogtreecommitdiff
path: root/source3/include/rpc_secdes.h
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2005-01-28 16:55:09 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:55:12 -0500
commit962a5c95528932fde64c8c8b70b0a81c382c2905 (patch)
treef55bbdd1d293dc0a3c86c3571f434520c021ad60 /source3/include/rpc_secdes.h
parent6441450e9306b1b09ca2a085d47992867acdd4ec (diff)
downloadsamba-962a5c95528932fde64c8c8b70b0a81c382c2905.tar.gz
samba-962a5c95528932fde64c8c8b70b0a81c382c2905.tar.bz2
samba-962a5c95528932fde64c8c8b70b0a81c382c2905.zip
r5056: * correct STANDARD_RIGHTS_WRITE_ACCESS bitmask define
* make sure to apply the rights_mask and not just the saved bits from the mask in access_check_samr_object() * allow root to grant/revoke privileges (in addition to Domain Admins) as suggested by Volker. Tested machine joins from XP, 2K, and NT4 with and without pre-existing machine trust accounts. Also tested basic file operations using cmd.exe and explorer.exe after changing the STANDARD_RIGHTS_WRITE_ACCESS bitmask. (This used to be commit c0e7f7ff60a4110809b8f500fdc68a1bf963da36)
Diffstat (limited to 'source3/include/rpc_secdes.h')
-rw-r--r--source3/include/rpc_secdes.h5
1 files changed, 4 insertions, 1 deletions
diff --git a/source3/include/rpc_secdes.h b/source3/include/rpc_secdes.h
index 1279007220..3e4c47dce9 100644
--- a/source3/include/rpc_secdes.h
+++ b/source3/include/rpc_secdes.h
@@ -251,7 +251,10 @@ typedef struct standard_mapping {
#define STANDARD_RIGHTS_ALL_ACCESS STD_RIGHT_ALL_ACCESS /* 0x001f0000 */
#define STANDARD_RIGHTS_EXECUTE_ACCESS STD_RIGHT_READ_CONTROL_ACCESS /* 0x00020000 */
#define STANDARD_RIGHTS_READ_ACCESS STD_RIGHT_READ_CONTROL_ACCESS /* 0x00020000 */
-#define STANDARD_RIGHTS_WRITE_ACCESS STD_RIGHT_READ_CONTROL_ACCESS /* 0x00020000 */
+#define STANDARD_RIGHTS_WRITE_ACCESS \
+ (STD_RIGHT_WRITE_OWNER_ACCESS | \
+ STD_RIGHT_WRITE_DAC_ACCESS | \
+ STD_RIGHT_DELETE_ACCESS) /* 0x000d0000 */
#define STANDARD_RIGHTS_REQUIRED_ACCESS \
(STD_RIGHT_DELETE_ACCESS | \
STD_RIGHT_READ_CONTROL_ACCESS | \
generated by cgit (git 2.34.1) at 2024-07-04 00:02:10 +0000