diff options
author | Jeremy Allison <jra@samba.org> | 2010-10-20 16:31:18 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2010-10-21 00:15:57 +0000 |
commit | e00c2b3cdf6faa03b6ffcf87dc677fdbdd381fe3 (patch) | |
tree | 4a4995eb0b7398bac357927efb5b84a9c0869c72 /source3/smbd/nttrans.c | |
parent | c0b9526aaf29442f85f62232e22aecfb484b1576 (diff) | |
download | samba-e00c2b3cdf6faa03b6ffcf87dc677fdbdd381fe3.tar.gz samba-e00c2b3cdf6faa03b6ffcf87dc677fdbdd381fe3.tar.bz2 samba-e00c2b3cdf6faa03b6ffcf87dc677fdbdd381fe3.zip |
Add code to implement SeSecurityPrivilege in net rpc rights, and in the
open and get/set NT security descriptor code.
Jeremy.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Thu Oct 21 00:15:57 UTC 2010 on sn-devel-104
Diffstat (limited to 'source3/smbd/nttrans.c')
-rw-r--r-- | source3/smbd/nttrans.c | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c index 3a9f6813ec..caba21161c 100644 --- a/source3/smbd/nttrans.c +++ b/source3/smbd/nttrans.c @@ -1837,6 +1837,16 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn, * Get the permissions to return. */ + if ((security_info_wanted & SECINFO_SACL) && + !(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) { + return NT_STATUS_ACCESS_DENIED; + } + + if ((security_info_wanted & (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP)) && + !(fsp->access_mask & SEC_STD_READ_CONTROL)) { + return NT_STATUS_ACCESS_DENIED; + } + if (!lp_nt_acl_support(SNUM(conn))) { status = get_null_nt_acl(mem_ctx, &psd); } else { |