Fixed security bug when 'force user' and 'user only' are set.

Reported by Brian McCauley <B.A.McCauley@bham.ac.uk>. Jeremy. (This used to be commit 00067800a25d6f5fe11e833a01d5a7a1e76dcc11)
author: Jeremy Allison <jra@samba.org> 1997-12-23 11:30:58 +0000
committer: Jeremy Allison <jra@samba.org> 1997-12-23 11:30:58 +0000
commit: d4979e7727ef94de469e66b74a9bee6f9742d4c0 (patch)
tree: 35f3311bee353c16c16e7f00230b95435ccc1bc6 /source3
parent: d1e796d8577a666e5ef14f9bb462c080300dca3e (diff)
download: samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.tar.gz
samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.tar.bz2
samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.zip
1 files changed, 5 insertions, 2 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b36fa4df06..46a2de4f17 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -222,10 +222,13 @@ BOOL become_user(connection_struct *conn, int cnum, uint16 vuid)
 
   snum = conn->service;
 
+  if((vuser != NULL) && !check_user_ok(conn, vuser, snum))
+    return False;
+
   if (conn->force_user || 
       lp_security() == SEC_SHARE ||
-      !(vuser) || (vuser->guest) ||
-      !check_user_ok(conn, vuser, snum))
+      !(vuser) || (vuser->guest)
+     )
   {
     uid = conn->uid;
     gid = conn->gid;
author	Jeremy Allison <jra@samba.org>	1997-12-23 11:30:58 +0000
committer	Jeremy Allison <jra@samba.org>	1997-12-23 11:30:58 +0000
commit	d4979e7727ef94de469e66b74a9bee6f9742d4c0 (patch)
tree	35f3311bee353c16c16e7f00230b95435ccc1bc6 /source3
parent	d1e796d8577a666e5ef14f9bb462c080300dca3e (diff)
download	samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.tar.gz samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.tar.bz2 samba-d4979e7727ef94de469e66b74a9bee6f9742d4c0.zip