summaryrefslogtreecommitdiff
path: root/source4/dsdb/samdb
diff options
context:
space:
mode:
authorNadezhda Ivanova <nivanova@samba.org>2010-10-27 15:20:49 +0300
committerNadezhda Ivanova <nivanova@samba.org>2010-10-27 13:18:50 +0000
commit5bc2b8f0a494511800696d6d411a426463089e8b (patch)
tree7720f8306ee7ba428b08526941b7fd4677024dd5 /source4/dsdb/samdb
parent3003bd40379b669e8b2cef7a40784f0114344f8e (diff)
downloadsamba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.gz
samba-5bc2b8f0a494511800696d6d411a426463089e8b.tar.bz2
samba-5bc2b8f0a494511800696d6d411a426463089e8b.zip
s4-ldb: Added the correct extended check for read access to nTSecurityDescriptor
It does not depend on READ_PROPERTY, but on SECURITY_PRIVILEGE and READ_CONTROL Autobuild-User: Nadezhda Ivanova <nivanova@samba.org> Autobuild-Date: Wed Oct 27 13:18:50 UTC 2010 on sn-devel-104
Diffstat (limited to 'source4/dsdb/samdb')
-rw-r--r--source4/dsdb/samdb/ldb_modules/acl_read.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/source4/dsdb/samdb/ldb_modules/acl_read.c b/source4/dsdb/samdb/ldb_modules/acl_read.c
index 78a9e28396..bd9e1289f3 100644
--- a/source4/dsdb/samdb/ldb_modules/acl_read.c
+++ b/source4/dsdb/samdb/ldb_modules/acl_read.c
@@ -146,7 +146,7 @@ static int aclread_callback(struct ldb_request *req, struct ldb_reply *ares)
tmp_ctx,
sd,
sid,
- SEC_FLAG_SYSTEM_SECURITY,
+ SEC_FLAG_SYSTEM_SECURITY|SEC_STD_READ_CONTROL,
attr);
} else {
ret = acl_check_access_on_attribute(ac->module,