s4-ldb: Added the correct extended check for read access to nTSecurityDescriptor

It does not depend on READ_PROPERTY, but on SECURITY_PRIVILEGE and READ_CONTROL Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Wed Oct 27 13:18:50 UTC 2010 on sn-devel-104
author: Nadezhda Ivanova <nivanova@samba.org> 2010-10-27 15:20:49 +0300
committer: Nadezhda Ivanova <nivanova@samba.org> 2010-10-27 13:18:50 +0000
commit: 5bc2b8f0a494511800696d6d411a426463089e8b (patch)
tree: 7720f8306ee7ba428b08526941b7fd4677024dd5 /source4/dsdb/samdb
parent: 3003bd40379b669e8b2cef7a40784f0114344f8e (diff)
download: samba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.gz
samba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.bz2
samba-5bc2b8f0a494511800696d6d411a426463089e8b.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl_read.c b/source4/dsdb/samdb/ldb_modules/acl_read.c
index 78a9e28396..bd9e1289f3 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_read.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_read.c
@@ -146,7 +146,7 @@ static int aclread_callback(struct ldb_request *req, struct ldb_reply *ares)
 								     tmp_ctx,
 								     sd,
 								     sid,
-								     SEC_FLAG_SYSTEM_SECURITY,
+								     SEC_FLAG_SYSTEM_SECURITY|SEC_STD_READ_CONTROL,
 								     attr);
 			 } else {
 				 ret = acl_check_access_on_attribute(ac->module,
author	Nadezhda Ivanova <nivanova@samba.org>	2010-10-27 15:20:49 +0300
committer	Nadezhda Ivanova <nivanova@samba.org>	2010-10-27 13:18:50 +0000
commit	5bc2b8f0a494511800696d6d411a426463089e8b (patch)
tree	7720f8306ee7ba428b08526941b7fd4677024dd5 /source4/dsdb/samdb
parent	3003bd40379b669e8b2cef7a40784f0114344f8e (diff)
download	samba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.gz samba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.bz2 samba-5bc2b8f0a494511800696d6d411a426463089e8b.zip