summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2001-10-18 20:15:12 +0000
committerJeremy Allison <jra@samba.org>2001-10-18 20:15:12 +0000
commitc416ff851b4ecc7a44aee9d00d07dd481d8ae2a7 (patch)
treea663818999f244e52704caab9906b7857edce355 /source3/rpc_server
parent9a903a08a7c4f8407b4d6d0937f0bfda932d2ce3 (diff)
downloadsamba-c416ff851b4ecc7a44aee9d00d07dd481d8ae2a7.tar.gz
samba-c416ff851b4ecc7a44aee9d00d07dd481d8ae2a7.tar.bz2
samba-c416ff851b4ecc7a44aee9d00d07dd481d8ae2a7.zip
Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_netlog_nt.c2
-rw-r--r--source3/rpc_server/srv_pipe.c7
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c6
3 files changed, 8 insertions, 7 deletions
diff --git a/source3/rpc_server/srv_netlog_nt.c b/source3/rpc_server/srv_netlog_nt.c
index 678c48ff71..7a7ff09d71 100644
--- a/source3/rpc_server/srv_netlog_nt.c
+++ b/source3/rpc_server/srv_netlog_nt.c
@@ -708,7 +708,7 @@ NTSTATUS _net_sam_logon(pipes_struct *p, NET_Q_SAM_LOGON *q_u, NET_R_SAM_LOGON *
usr_info->ptr_user_info = 0;
/* XXXX hack to get standard_sub_basic() to use sam logon username */
- /* possibly a better way would be to do a become_user() call */
+ /* possibly a better way would be to do a change_to_user() call */
sam_logon_in_ssb = True;
pstrcpy(samlogon_user, nt_username);
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index 2957d7cc95..7079cc2ca1 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -1135,7 +1135,6 @@ BOOL api_pipe_request(pipes_struct *p)
{
int i = 0;
BOOL ret = False;
- BOOL changed_user_id = False;
if (p->ntlmssp_auth_validated) {
@@ -1143,8 +1142,6 @@ BOOL api_pipe_request(pipes_struct *p)
prs_mem_free(&p->out_data.rdata);
return False;
}
-
- changed_user_id = True;
}
for (i = 0; api_fd_commands[i].pipe_clnt_name; i++) {
@@ -1157,8 +1154,8 @@ BOOL api_pipe_request(pipes_struct *p)
}
}
- if(changed_user_id)
- unbecome_authenticated_pipe_user(p);
+ if(p->ntlmssp_auth_validated)
+ unbecome_authenticated_pipe_user();
return ret;
}
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 2ae4a73874..44e44cfa3a 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1598,7 +1598,9 @@ NTSTATUS _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDE
get_current_user(&user, p);
+ become_root();
conn = make_connection(qualname, null_pw, 0, "A:", user.vuid, &nt_status);
+ unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_query_secdesc: Unable to connect to %s\n", qualname));
@@ -1649,7 +1651,7 @@ NTSTATUS _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDE
psd->dacl->revision = (uint16) NT4_ACL_REVISION;
close_file(fsp, True);
-
+ unbecome_user();
close_cnum(conn, user.vuid);
return r_u->status;
@@ -1700,7 +1702,9 @@ NTSTATUS _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *
get_current_user(&user, p);
+ become_root();
conn = make_connection(qualname, null_pw, 0, "A:", user.vuid, &nt_status);
+ unbecome_root();
if (conn == NULL) {
DEBUG(3,("_srv_net_file_set_secdesc: Unable to connect to %s\n", qualname));