Fixed up the user/group contexts when using authenticated pipes.

Added a become_root()/unbecome_root() (push/pop security context) around the initgroups() call to ensure it would succeed. Hmmm - I wonder if this call being done as non-root might explain any "group access" bugs we've had in the past.... Jeremy. (This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
author: Jeremy Allison <jra@samba.org> 2000-08-04 00:59:09 +0000
committer: Jeremy Allison <jra@samba.org> 2000-08-04 00:59:09 +0000
commit: 06e4f11acd3aedd6c8e4adf365932a01eca902b8 (patch)
tree: 07a8837ca9915b56fa0829a537f1e8a68f4e5a0c /source3/smbd/uid.c
parent: f87399915b009f88c41cb75a583c2972fe3daf30 (diff)
download: samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.gz
samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.bz2
samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.zip
1 files changed, 1 insertions, 2 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index f6687e9a5a..fafcd71b1a 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -207,9 +207,8 @@ BOOL become_authenticated_pipe_user(pipes_struct *p)
 		return False;
 	}
 
-	/* JRATEST - this needs fixined w.r.t. NT user tokens... */
 	set_sec_ctx(p->pipe_user.uid, p->pipe_user.gid, 
-		    p->pipe_user.ngroups, p->pipe_user.groups, NULL);
+		    p->pipe_user.ngroups, p->pipe_user.groups, p->pipe_user.nt_user_token);
 
 	return True;
 }
author	Jeremy Allison <jra@samba.org>	2000-08-04 00:59:09 +0000
committer	Jeremy Allison <jra@samba.org>	2000-08-04 00:59:09 +0000
commit	06e4f11acd3aedd6c8e4adf365932a01eca902b8 (patch)
tree	07a8837ca9915b56fa0829a537f1e8a68f4e5a0c /source3/smbd/uid.c
parent	f87399915b009f88c41cb75a583c2972fe3daf30 (diff)
download	samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.gz samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.bz2 samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.zip