diff options
author | Jeremy Allison <jra@samba.org> | 2010-10-15 15:28:23 -0700 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2010-10-15 17:38:22 -0700 |
commit | e031f8ae6aee266c0ebf0b53465906e215ac9561 (patch) | |
tree | 0091149d08d3f72de11a2b4fb0125b39c3de78cc /source3/smbd | |
parent | f4a9d25cfc70e79f476d01ae3234f2155bbcf39e (diff) | |
download | samba-e031f8ae6aee266c0ebf0b53465906e215ac9561.tar.gz samba-e031f8ae6aee266c0ebf0b53465906e215ac9561.tar.bz2 samba-e031f8ae6aee266c0ebf0b53465906e215ac9561.zip |
Fix "force unknown ACL user" to strip out foreign SIDs from POSIX ACLs if they can't be mapped.
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/posix_acls.c | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index fa715fb673..05f6439957 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -1753,6 +1753,14 @@ static bool create_canon_ace_lists(files_struct *fsp, continue; } + if (lp_force_unknown_acl_user(SNUM(fsp->conn))) { + DEBUG(10, ("create_canon_ace_lists: ignoring " + "unknown or foreign SID %s\n", + sid_string_dbg(&psa->trustee))); + SAFE_FREE(current_ace); + continue; + } + free_canon_ace_list(file_ace); free_canon_ace_list(dir_ace); DEBUG(0, ("create_canon_ace_lists: unable to map SID " |