summaryrefslogtreecommitdiff
path: root/source3/rpc_server
diff options
context:
space:
mode:
authorDavid O'Neill <dmo@samba.org>2001-01-23 20:25:25 +0000
committerDavid O'Neill <dmo@samba.org>2001-01-23 20:25:25 +0000
commiteee29958f5cacc753f3fa324327e0d8b14ac3006 (patch)
tree938597b59dfed27cd34514b3f44b095a31a01043 /source3/rpc_server
parentb9c5be4d79364db0fd3f9af186f165638cae1c54 (diff)
downloadsamba-eee29958f5cacc753f3fa324327e0d8b14ac3006.tar.gz
samba-eee29958f5cacc753f3fa324327e0d8b14ac3006.tar.bz2
samba-eee29958f5cacc753f3fa324327e0d8b14ac3006.zip
Changes from APPLIANCE_HEAD:
source/rpc_server/srv_spoolss_nt.c - add an access check to _spoolss_deleteprinter() to stop random users and passers by from deleting printers. source/lib/messages.c - converted global msg_all struct to a local in message_send_all() function. source/include/smb.h - added a success error code to the spoolss return codes. source/include/proto.h source/param/loadparm.c source/printing/printing.c - Added new parameter "total print jobs" to limit the total number of print jobs across all queues. Currently individual queues are limited by "max print jobs". (This used to be commit 02f154e729b0e8465d3e1e2ac794e6ab3844ce57)
Diffstat (limited to 'source3/rpc_server')
-rw-r--r--source3/rpc_server/srv_spoolss_nt.c36
1 files changed, 24 insertions, 12 deletions
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 4f2c7fa03e..4be338d4d6 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -240,18 +240,28 @@ static BOOL close_printer_handle(POLICY_HND *hnd)
/****************************************************************************
delete a printer given a handle
****************************************************************************/
-static BOOL delete_printer_handle(POLICY_HND *hnd)
+static uint32 delete_printer_handle(POLICY_HND *hnd)
{
Printer_entry *Printer = find_printer_index_by_hnd(hnd);
if (!OPEN_HANDLE(Printer)) {
DEBUG(0,("delete_printer_handle: Invalid handle (%s)\n", OUR_HANDLE(hnd)));
- return False;
+ return ERROR_INVALID_HANDLE;
}
if (del_a_printer(Printer->dev.handlename) != 0) {
DEBUG(3,("Error deleting printer %s\n", Printer->dev.handlename));
- return False;
+ return ERROR_INVALID_HANDLE;
+ }
+
+ /* Check calling user has permission to delete printer. Note that
+ since we set the snum parameter to -1 only administrators can
+ delete the printer. This stops people with the Full Control
+ permission from deleting the printer. */
+
+ if (!print_access_check(NULL, -1, PRINTER_ACCESS_ADMINISTER)) {
+ DEBUG(3, ("printer delete denied by security descriptor\n"));
+ return ERROR_ACCESS_DENIED;
}
if (*lp_deleteprinter_cmd()) {
@@ -280,7 +290,7 @@ static BOOL delete_printer_handle(POLICY_HND *hnd)
ret = smbrun(command, tmp_file, False);
if (ret != 0) {
unlink(tmp_file);
- return False;
+ return ERROR_INVALID_HANDLE; /* What to return here? */
}
DEBUGADD(10,("returned [%d]\n", ret));
DEBUGADD(10,("Unlinking output file [%s]\n", tmp_file));
@@ -291,12 +301,12 @@ static BOOL delete_printer_handle(POLICY_HND *hnd)
if ( ( i = lp_servicenumber( Printer->dev.handlename ) ) >= 0 ) {
lp_killservice( i );
- return True;
+ return ERROR_SUCCESS;
} else
- return False;
+ return ERROR_ACCESS_DENIED;
}
- return True;
+ return ERROR_SUCCESS;
}
/****************************************************************************
@@ -855,16 +865,18 @@ uint32 _spoolss_closeprinter(POLICY_HND *handle)
uint32 _spoolss_deleteprinter(POLICY_HND *handle)
{
Printer_entry *Printer=find_printer_index_by_hnd(handle);
+ uint32 result;
if (Printer && Printer->document_started)
- _spoolss_enddocprinter(handle); /* print job was not closed */
+ _spoolss_enddocprinter(handle); /* print job was not closed */
- if (!delete_printer_handle(handle))
- return ERROR_INVALID_HANDLE;
+ result = delete_printer_handle(handle);
- srv_spoolss_sendnotify(handle);
+ if (result == ERROR_SUCCESS) {
+ srv_spoolss_sendnotify(handle);
+ }
- return NT_STATUS_NO_PROBLEMO;
+ return result;
}
/********************************************************************