diff options
author | Andrew Tridgell <tridge@samba.org> | 2004-12-03 13:04:10 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 13:06:20 -0500 |
commit | 4075e28a4f87993858e630012cffe96e49ff6717 (patch) | |
tree | a7dbff811100545651368d66d2f5748d01313c39 /source4/libcli | |
parent | 6e6374cb5bcffb4df8bdb0a83327fff92b61ac84 (diff) | |
download | samba-4075e28a4f87993858e630012cffe96e49ff6717.tar.gz samba-4075e28a4f87993858e630012cffe96e49ff6717.tar.bz2 samba-4075e28a4f87993858e630012cffe96e49ff6717.zip |
r4056: modified the access check code based on results from RAW-ACLS
test. Also added generic mapping bits for pvfs. We don't pass RAW-ACLS
yet, but its close.
(This used to be commit c7cbd966d49a5345ea326732587555d209c531fc)
Diffstat (limited to 'source4/libcli')
-rw-r--r-- | source4/libcli/security/access_check.c | 45 |
1 files changed, 19 insertions, 26 deletions
diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c index d8809aebc6..7e70736d09 100644 --- a/source4/libcli/security/access_check.c +++ b/source4/libcli/security/access_check.c @@ -42,13 +42,16 @@ static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token /* perform a SEC_FLAG_MAXIMUM_ALLOWED access check */ -static NTSTATUS access_check_max_allowed(struct security_descriptor *sd, - struct nt_user_token *token, - uint32_t *access_granted) +static uint32_t access_check_max_allowed(struct security_descriptor *sd, + struct nt_user_token *token) { uint32_t denied = 0, granted = 0; - int i; + unsigned i; + if (sid_active_in_token(sd->owner_sid, token)) { + granted |= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL); + } + for (i = 0;i<sd->dacl->num_aces; i++) { struct security_ace *ace = &sd->dacl->aces[i]; @@ -67,15 +70,7 @@ static NTSTATUS access_check_max_allowed(struct security_descriptor *sd, } } - granted &= ~denied; - - if (granted == 0) { - return NT_STATUS_ACCESS_DENIED; - } - - *access_granted = granted; - - return NT_STATUS_OK; + return granted & ~denied; } /* @@ -89,16 +84,15 @@ NTSTATUS sec_access_check(struct security_descriptor *sd, int i; uint32_t bits_remaining; - bits_remaining = access_desired; - - /* the owner always gets SEC_STD_WRITE_DAC & SEC_STD_READ_CONTROL */ - if (bits_remaining & (SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL)) { - if (sid_active_in_token(sd->owner_sid, token)) { - bits_remaining &= - ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL); - } + /* handle the maximum allowed flag */ + if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) { + access_desired |= access_check_max_allowed(sd, token); + access_desired &= ~SEC_FLAG_MAXIMUM_ALLOWED; } + *access_granted = access_desired; + bits_remaining = access_desired; + #if 0 /* this is where we should check for the "system security" privilege, once we move to the full security_token and not just the nt_user_token */ @@ -122,9 +116,10 @@ NTSTATUS sec_access_check(struct security_descriptor *sd, return NT_STATUS_ACCESS_DENIED; } - /* handle the maximum allowed case separately */ - if (access_desired == SEC_FLAG_MAXIMUM_ALLOWED) { - return access_check_max_allowed(sd, token, access_granted); + /* the owner always gets SEC_STD_WRITE_DAC & SEC_STD_READ_CONTROL */ + if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) && + sid_active_in_token(sd->owner_sid, token)) { + bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL); } /* check each ace in turn. */ @@ -156,7 +151,5 @@ NTSTATUS sec_access_check(struct security_descriptor *sd, return NT_STATUS_ACCESS_DENIED; } - *access_granted = access_desired; - return NT_STATUS_OK; } |