summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2005-03-24 00:01:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 10:56:16 -0500
commit899ade0e62ebbfd6994101c45bb56d20357535af (patch)
tree997194cb73b502c625bd3c761c8d2044d8179c09 /source3/rpc_server
parent5d1cb8e79edea9e8581d3c2c9dd297310cd9a98c (diff)
downloadsamba-899ade0e62ebbfd6994101c45bb56d20357535af.tar.gz
samba-899ade0e62ebbfd6994101c45bb56d20357535af.tar.bz2
samba-899ade0e62ebbfd6994101c45bb56d20357535af.zip
r6016: Give access only to root and Domain Users
(This used to be commit d3557ed4b7c4d58a50cc6041c06cc4eff5ef659a)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_srvsvc_nt.c34
1 files changed, 23 insertions, 11 deletions
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index a00409afc8..5dd2e6e47f 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1354,13 +1354,13 @@ net sess del
WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SESS_DEL *r_u)
{
- struct current_user user;
struct sessionid *session_list;
+ struct current_user user;
int num_sessions, snum, ret;
fstring username;
fstring machine;
- SE_PRIV se_diskop = SE_DISK_OPERATOR; /* Is disk op appropriate here ? JRA. */
- BOOL is_disk_op = False;
+ /* SE_PRIV se_diskop = SE_DISK_OPERATOR; / * Is disk op appropriate here ? JRA. * /
+ BOOL is_disk_op = False; / * No. SSS. :) */
rpcstr_pull_unistr2_fstring(username, &q_u->uni_user_name);
rpcstr_pull_unistr2_fstring(machine, &q_u->uni_cli_name);
@@ -1374,32 +1374,44 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
DEBUG(5,("_srv_net_sess_del: %d\n", __LINE__));
- get_current_user(&user,p);
-
- is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
-
- /* fail out now if you are not root and not a disk op */
+ /* is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop ); */
- if ( user.uid != sec_initial_uid() && !is_disk_op )
- return WERR_ACCESS_DENIED;
-
r_u->status = WERR_ACCESS_DENIED;
+ get_current_user(&user, p);
+ /* fail out now if you are not root */
+ /* or at least domain admins */
+ if ((user.uid != sec_initial_uid()) &&
+ ( ! nt_token_check_domain_rid(p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS))) {
+
+ goto done;
+ }
+
for (snum = 0; snum < num_sessions; snum++) {
if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&
strequal(session_list[snum].remote_machine, machine)) {
+ if (user.uid != sec_initial_uid()) {
+ become_root();
+ }
if ((ret = message_send_pid(session_list[snum].pid, MSG_SHUTDOWN, NULL, 0, False))) {
r_u->status = WERR_OK;
} else {
r_u->status = WERR_ACCESS_DENIED;
}
+ if (user.uid != sec_initial_uid()) {
+ unbecome_root();
+ }
}
}
DEBUG(5,("_srv_net_sess_del: %d\n", __LINE__));
+
+done:
+ SAFE_FREE(session_list);
+
return r_u->status;
}