diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-12-01 05:22:24 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:06:15 -0500 |
commit | 1a7283a8fa5a7d97abc5b10f3d73ce99a4a7b905 (patch) | |
tree | 799e5ede5ea15e3fc81f18b35b219b66002c7ed3 /source4/libcli/security/security_descriptor.c | |
parent | b6c4b63dc59d10e7f93e726282b6f93f64dd7bb8 (diff) | |
download | samba-1a7283a8fa5a7d97abc5b10f3d73ce99a4a7b905.tar.gz samba-1a7283a8fa5a7d97abc5b10f3d73ce99a4a7b905.tar.bz2 samba-1a7283a8fa5a7d97abc5b10f3d73ce99a4a7b905.zip |
r4025: added a sec_access_check() function for checking security descriptors
against a users security token and access_mask
(This used to be commit c4d21cd4b1ccffd5aaa70a551c57f6eab1ca9c6d)
Diffstat (limited to 'source4/libcli/security/security_descriptor.c')
-rw-r--r-- | source4/libcli/security/security_descriptor.c | 39 |
1 files changed, 0 insertions, 39 deletions
diff --git a/source4/libcli/security/security_descriptor.c b/source4/libcli/security/security_descriptor.c index a4056e5e71..1783c62f37 100644 --- a/source4/libcli/security/security_descriptor.c +++ b/source4/libcli/security/security_descriptor.c @@ -65,45 +65,6 @@ struct security_descriptor *security_descriptor_copy(TALLOC_CTX *mem_ctx, return nsd; } -NTSTATUS security_check_dacl(struct security_token *st, - struct security_descriptor *sd, - uint32 access_mask) -{ - size_t i,y; - NTSTATUS status = NT_STATUS_ACCESS_DENIED; - - DEBUG(1, ("security_check_dacl(): sorry untested yet\n")); - return status; - - if (!sd->dacl) { - return NT_STATUS_INVALID_ACL; - } - - for (i=0; i < st->num_sids; i++) { - for (y=0; y < sd->dacl->num_aces; y++) { - if (dom_sid_equal(&st->sids[i], &sd->dacl->aces[y].trustee)) { - switch (sd->dacl->aces[y].type) { - case SEC_ACE_TYPE_ACCESS_ALLOWED: - if (access_mask & sd->dacl->aces[y].access_mask) { - status = NT_STATUS_OK; - } - break; - case SEC_ACE_TYPE_ACCESS_DENIED: - if (access_mask & sd->dacl->aces[y].access_mask) { - return NT_STATUS_ACCESS_DENIED; - } - break; - default: - return NT_STATUS_INVALID_ACL; - } - } - } - } - - return status; -} - - /* add an ACE to the DACL of a security_descriptor */ |