summaryrefslogtreecommitdiff
path: root/source4/libcli/security
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-12-11 12:01:20 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:07:19 -0500
commit02a9aa08923e348af2cda9829b64a5f98282164d (patch)
treed08fcad68289d714f1438162ecd944837aac87d9 /source4/libcli/security
parentdca888e51eb97df60a3af6779b88cfa8d0e34996 (diff)
downloadsamba-02a9aa08923e348af2cda9829b64a5f98282164d.tar.gz
samba-02a9aa08923e348af2cda9829b64a5f98282164d.tar.bz2
samba-02a9aa08923e348af2cda9829b64a5f98282164d.zip
r4150: - add fns for manipulating the privilege_mask in a security_token
- add the hooks in access_check that check the privilege bitmasks for SEC_STD_DELETE and SEC_FLAG_SYSTEM_SECURITY (This used to be commit 0fa3764edcabffe8f7d5e40f0097f97d0c4519c4)
Diffstat (limited to 'source4/libcli/security')
-rw-r--r--source4/libcli/security/access_check.c15
-rw-r--r--source4/libcli/security/privilege.c24
2 files changed, 33 insertions, 6 deletions
diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c
index c646ee693b..4c8bb1bd1f 100644
--- a/source4/libcli/security/access_check.c
+++ b/source4/libcli/security/access_check.c
@@ -50,7 +50,10 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
unsigned i;
if (sid_active_in_token(sd->owner_sid, token)) {
- granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
+ granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
+ }
+ if (sec_privilege_check(token, SEC_PRIV_RESTORE)) {
+ granted |= SEC_STD_DELETE;
}
for (i = 0;i<sd->dacl->num_aces; i++) {
@@ -96,17 +99,13 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd,
bits_remaining = access_desired & ~SEC_STD_DELETE;
}
-#if 0
- /* this is where we should check for the "system security" privilege, once we
- move to the full security_token and not just the nt_user_token */
if (access_desired & SEC_FLAG_SYSTEM_SECURITY) {
- if (privilege_in_token(SE_PRIVILEGE_SYSTEM_SECURITY, token)) {
+ if (sec_privilege_check(token, SEC_PRIV_SECURITY)) {
bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY;
} else {
return NT_STATUS_ACCESS_DENIED;
}
}
-#endif
/* dacl not present allows access */
if (!(sd->type & SEC_DESC_DACL_PRESENT)) {
@@ -124,6 +123,10 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd,
sid_active_in_token(sd->owner_sid, token)) {
bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
}
+ if ((bits_remaining & SEC_STD_DELETE) &&
+ sec_privilege_check(token, SEC_PRIV_RESTORE)) {
+ bits_remaining &= ~SEC_STD_DELETE;
+ }
/* check each ace in turn. */
for (i=0; bits_remaining && i < sd->dacl->num_aces; i++) {
diff --git a/source4/libcli/security/privilege.c b/source4/libcli/security/privilege.c
index 1962aaa374..10a51c8b42 100644
--- a/source4/libcli/security/privilege.c
+++ b/source4/libcli/security/privilege.c
@@ -82,3 +82,27 @@ int sec_privilege_id(const char *name)
}
return -1;
}
+
+
+/*
+ return True if a security_token has a particular privilege bit set
+*/
+BOOL sec_privilege_check(const struct security_token *token, unsigned int privilege)
+{
+ uint64_t mask = 1;
+ mask <<= (privilege-1);
+ if (token->privilege_mask & mask) {
+ return True;
+ }
+ return False;
+}
+
+/*
+ set a bit in the privilege mask
+*/
+void sec_privilege_set(struct security_token *token, unsigned int privilege)
+{
+ uint64_t mask = 1;
+ mask <<= (privilege-1);
+ token->privilege_mask |= mask;
+}