r4025: added a sec_access_check() function for checking security descriptors

against a users security token and access_mask
(This used to be commit c4d21cd4b1ccffd5aaa70a551c57f6eab1ca9c6d)

1 files changed, 0 insertions, 39 deletions

diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c
index a4056e5e71..1783c62f37 100644
--- a/source4/libcli/security/security_descriptor.c
+++ b/source4/libcli/security/security_descriptor.c
@@ -65,45 +65,6 @@ struct security_descriptor *security_descriptor_copy(TALLOC_CTX *mem_ctx,
 	return nsd;
 }
 
-NTSTATUS security_check_dacl(struct security_token *st, 
-			     struct security_descriptor *sd, 
-			     uint32 access_mask)
-{
-	size_t i,y;
-	NTSTATUS status = NT_STATUS_ACCESS_DENIED;
-
-	DEBUG(1, ("security_check_dacl(): sorry untested yet\n"));
-	return status;
-
-	if (!sd->dacl) {
-		return NT_STATUS_INVALID_ACL;
-	}
-
-	for (i=0; i < st->num_sids; i++) {
-		for (y=0; y < sd->dacl->num_aces; y++) {
-			if (dom_sid_equal(&st->sids[i], &sd->dacl->aces[y].trustee)) {
-				switch (sd->dacl->aces[y].type) {
-					case SEC_ACE_TYPE_ACCESS_ALLOWED:
-						if (access_mask & sd->dacl->aces[y].access_mask) {
-							status = NT_STATUS_OK;
-						}
-						break;
-					case SEC_ACE_TYPE_ACCESS_DENIED:
-						if (access_mask & sd->dacl->aces[y].access_mask) {
-							return NT_STATUS_ACCESS_DENIED;
-						}
-						break;
-					default:
-						return NT_STATUS_INVALID_ACL;
-				}
-			}
-		}
-	}
-
-	return status;
-}
-
-
 /*
   add an ACE to the DACL of a security_descriptor
 */