summaryrefslogtreecommitdiff
path: root/source3/passdb
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2006-09-13 16:30:40 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 11:51:44 -0500
commitb3b207e9668fb3378350afef42820ffdc1dd6271 (patch)
treee3f239eea173e735db0491115a9fdaad119e44fb /source3/passdb
parent48e2a2bfb75cdc914345b498012e82331546f0c0 (diff)
downloadsamba-b3b207e9668fb3378350afef42820ffdc1dd6271.tar.gz
samba-b3b207e9668fb3378350afef42820ffdc1dd6271.tar.bz2
samba-b3b207e9668fb3378350afef42820ffdc1dd6271.zip
r18483: Ensure all pdb_XXX calls are wrapped in become_root()/unbecome_root()
pairs. Should fix bug #4097. Jeremy. (This used to be commit f787b9d156992e0069860cb1ab829970cb69eb81)
Diffstat (limited to 'source3/passdb')
-rw-r--r--source3/passdb/lookup_sid.c37
1 files changed, 32 insertions, 5 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index b339754c6d..e89c5a41a2 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1117,6 +1117,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
{
uid_t low, high;
uint32 rid;
+ BOOL ret;
ZERO_STRUCTP(psid);
@@ -1131,7 +1132,11 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
goto done;
}
- if (pdb_uid_to_rid(uid, &rid)) {
+ become_root();
+ ret = pdb_uid_to_rid(uid, &rid);
+ unbecome_root();
+
+ if (ret) {
/* This is a mapped user */
sid_copy(psid, get_global_sam_sid());
sid_append_rid(psid, rid);
@@ -1156,6 +1161,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
void gid_to_sid(DOM_SID *psid, gid_t gid)
{
+ BOOL ret;
gid_t low, high;
ZERO_STRUCTP(psid);
@@ -1171,7 +1177,11 @@ void gid_to_sid(DOM_SID *psid, gid_t gid)
goto done;
}
- if (pdb_gid_to_sid(gid, psid)) {
+ become_root();
+ ret = pdb_gid_to_sid(gid, psid);
+ unbecome_root();
+
+ if (ret) {
/* This is a mapped group */
goto done;
}
@@ -1213,8 +1223,13 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid)
if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
union unid_t id;
+ BOOL ret;
- if (pdb_sid_to_id(psid, &id, &type)) {
+ become_root();
+ ret = pdb_sid_to_id(psid, &id, &type);
+ unbecome_root();
+
+ if (ret) {
if (type != SID_NAME_USER) {
DEBUG(5, ("sid %s is a %s, expected a user\n",
sid_string_static(psid),
@@ -1288,7 +1303,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- if (pdb_getgrsid(&map, *psid)) {
+ BOOL ret;
+
+ become_root();
+ ret = pdb_getgrsid(&map, *psid);
+ unbecome_root();
+
+ if (ret) {
*pgid = map.gid;
goto done;
}
@@ -1296,7 +1317,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
}
if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
- if (pdb_sid_to_id(psid, &id, &type)) {
+ BOOL ret;
+
+ become_root();
+ ret = pdb_sid_to_id(psid, &id, &type);
+ unbecome_root();
+
+ if (ret) {
if ((type != SID_NAME_DOM_GRP) &&
(type != SID_NAME_ALIAS)) {
DEBUG(5, ("sid %s is a %s, expected a group\n",