diff options
author | Jeremy Allison <jra@samba.org> | 2006-09-13 16:30:40 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 11:51:44 -0500 |
commit | b3b207e9668fb3378350afef42820ffdc1dd6271 (patch) | |
tree | e3f239eea173e735db0491115a9fdaad119e44fb /source3/passdb | |
parent | 48e2a2bfb75cdc914345b498012e82331546f0c0 (diff) | |
download | samba-b3b207e9668fb3378350afef42820ffdc1dd6271.tar.gz samba-b3b207e9668fb3378350afef42820ffdc1dd6271.tar.bz2 samba-b3b207e9668fb3378350afef42820ffdc1dd6271.zip |
r18483: Ensure all pdb_XXX calls are wrapped in become_root()/unbecome_root()
pairs. Should fix bug #4097.
Jeremy.
(This used to be commit f787b9d156992e0069860cb1ab829970cb69eb81)
Diffstat (limited to 'source3/passdb')
-rw-r--r-- | source3/passdb/lookup_sid.c | 37 |
1 files changed, 32 insertions, 5 deletions
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index b339754c6d..e89c5a41a2 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1117,6 +1117,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) { uid_t low, high; uint32 rid; + BOOL ret; ZERO_STRUCTP(psid); @@ -1131,7 +1132,11 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) goto done; } - if (pdb_uid_to_rid(uid, &rid)) { + become_root(); + ret = pdb_uid_to_rid(uid, &rid); + unbecome_root(); + + if (ret) { /* This is a mapped user */ sid_copy(psid, get_global_sam_sid()); sid_append_rid(psid, rid); @@ -1156,6 +1161,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) void gid_to_sid(DOM_SID *psid, gid_t gid) { + BOOL ret; gid_t low, high; ZERO_STRUCTP(psid); @@ -1171,7 +1177,11 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) goto done; } - if (pdb_gid_to_sid(gid, psid)) { + become_root(); + ret = pdb_gid_to_sid(gid, psid); + unbecome_root(); + + if (ret) { /* This is a mapped group */ goto done; } @@ -1213,8 +1223,13 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid) if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) { union unid_t id; + BOOL ret; - if (pdb_sid_to_id(psid, &id, &type)) { + become_root(); + ret = pdb_sid_to_id(psid, &id, &type); + unbecome_root(); + + if (ret) { if (type != SID_NAME_USER) { DEBUG(5, ("sid %s is a %s, expected a user\n", sid_string_static(psid), @@ -1288,7 +1303,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid) if ((sid_check_is_in_builtin(psid) || sid_check_is_in_wellknown_domain(psid))) { - if (pdb_getgrsid(&map, *psid)) { + BOOL ret; + + become_root(); + ret = pdb_getgrsid(&map, *psid); + unbecome_root(); + + if (ret) { *pgid = map.gid; goto done; } @@ -1296,7 +1317,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid) } if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) { - if (pdb_sid_to_id(psid, &id, &type)) { + BOOL ret; + + become_root(); + ret = pdb_sid_to_id(psid, &id, &type); + unbecome_root(); + + if (ret) { if ((type != SID_NAME_DOM_GRP) && (type != SID_NAME_ALIAS)) { DEBUG(5, ("sid %s is a %s, expected a group\n", |