diff options
author | Gerald Carter <jerry@samba.org> | 2005-01-26 20:36:44 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:55:12 -0500 |
commit | 46d8ff2320a1c195c3b54c57f5bf172c8473a741 (patch) | |
tree | e82641aeeb068339919bc69287e1db936b20e293 /source3/lib | |
parent | 02c25a2683204d8b20a1e69ea354b9e08b0fd94d (diff) | |
download | samba-46d8ff2320a1c195c3b54c57f5bf172c8473a741.tar.gz samba-46d8ff2320a1c195c3b54c57f5bf172c8473a741.tar.bz2 samba-46d8ff2320a1c195c3b54c57f5bf172c8473a741.zip |
r5015: (based on abartlet's original patch to restrict password changes)
* added SE_PRIV checks to access_check_samr_object() in order
to deal with the run-time security descriptor and their
interaction with user rights
* Reordered original patch in _samr_set_userinfo[2] to still
allow root/administrative password changes for users and machines.
(This used to be commit f9f9e6039bd9443d54445e41c3783a2be18925fb)
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/privileges.c | 78 |
1 files changed, 74 insertions, 4 deletions
diff --git a/source3/lib/privileges.c b/source3/lib/privileges.c index ea81f9fce0..4feb730fee 100644 --- a/source3/lib/privileges.c +++ b/source3/lib/privileges.c @@ -114,7 +114,7 @@ BOOL se_priv_copy( SE_PRIV *dst, const SE_PRIV *src ) combine 2 SE_PRIV structures and store the resulting set in mew_mask ****************************************************************************/ -static void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv ) +void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv ) { int i; @@ -128,7 +128,7 @@ static void se_priv_add( SE_PRIV *mask, const SE_PRIV *addpriv ) in mew_mask ****************************************************************************/ -static void se_priv_remove( SE_PRIV *mask, const SE_PRIV *removepriv ) +void se_priv_remove( SE_PRIV *mask, const SE_PRIV *removepriv ) { int i; @@ -159,6 +159,23 @@ static BOOL se_priv_equal( const SE_PRIV *mask1, const SE_PRIV *mask2 ) return ( memcmp(mask1, mask2, sizeof(SE_PRIV)) == 0 ); } +/*************************************************************************** + check if a SE_PRIV has any assigned privileges +****************************************************************************/ + +static BOOL se_priv_empty( const SE_PRIV *mask ) +{ + SE_PRIV p1; + int i; + + se_priv_copy( &p1, mask ); + + for ( i=0; i<SE_PRIV_MASKSIZE; i++ ) { + p1.mask[i] &= se_priv_all.mask[i]; + } + + return se_priv_equal( &p1, &se_priv_none ); +} /*************************************************************************** dump an SE_PRIV structure to the log files @@ -252,13 +269,20 @@ static BOOL set_privileges( const DOM_SID *sid, SE_PRIV *mask ) check if the privilege is in the privilege list ****************************************************************************/ -static BOOL is_privilege_assigned( SE_PRIV *privileges, SE_PRIV *check ) +static BOOL is_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check ) { SE_PRIV p1, p2; if ( !privileges || !check ) return False; + /* everyone has privileges if you aren't checking for any */ + + if ( se_priv_empty( check ) ) { + DEBUG(1,("is_privilege_assigned: no privileges in check_mask!\n")); + return True; + } + se_priv_copy( &p1, check ); /* invert the SE_PRIV we want to check for and remove that from the @@ -273,6 +297,39 @@ static BOOL is_privilege_assigned( SE_PRIV *privileges, SE_PRIV *check ) } /**************************************************************************** + check if the privilege is in the privilege list +****************************************************************************/ + +static BOOL is_any_privilege_assigned( SE_PRIV *privileges, const SE_PRIV *check ) +{ + SE_PRIV p1, p2; + + if ( !privileges || !check ) + return False; + + /* everyone has privileges if you aren't checking for any */ + + if ( se_priv_empty( check ) ) { + DEBUG(1,("is_any_privilege_assigned: no privileges in check_mask!\n")); + return True; + } + + se_priv_copy( &p1, check ); + + /* invert the SE_PRIV we want to check for and remove that from the + original set. If we are left with the SE_PRIV we are checking + for then return True */ + + se_priv_invert( &p1, check ); + se_priv_copy( &p2, privileges ); + se_priv_remove( &p2, &p1 ); + + /* see if we have any bits left */ + + return !se_priv_empty( &p2 ); +} + +/**************************************************************************** add a privilege to a privilege array ****************************************************************************/ @@ -633,7 +690,7 @@ NTSTATUS dup_luid_attr(TALLOC_CTX *mem_ctx, LUID_ATTR **new_la, LUID_ATTR *old_l at a time here. *****************************************************************************/ -BOOL user_has_privileges(NT_USER_TOKEN *token, SE_PRIV *privilege) +BOOL user_has_privileges(NT_USER_TOKEN *token, const SE_PRIV *privilege) { if ( !token ) return False; @@ -642,6 +699,19 @@ BOOL user_has_privileges(NT_USER_TOKEN *token, SE_PRIV *privilege) } /**************************************************************************** + Does the user have any of the specified privileges ? We only deal with one privilege + at a time here. +*****************************************************************************/ + +BOOL user_has_any_privilege(NT_USER_TOKEN *token, const SE_PRIV *privilege) +{ + if ( !token ) + return False; + + return is_any_privilege_assigned( &token->privileges, privilege ); +} + +/**************************************************************************** Convert a LUID to a named string ****************************************************************************/ |