summaryrefslogtreecommitdiff
path: root/source4/libcli
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2004-12-03 13:04:10 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:06:20 -0500
commit4075e28a4f87993858e630012cffe96e49ff6717 (patch)
treea7dbff811100545651368d66d2f5748d01313c39 /source4/libcli
parent6e6374cb5bcffb4df8bdb0a83327fff92b61ac84 (diff)
downloadsamba-4075e28a4f87993858e630012cffe96e49ff6717.tar.gz
samba-4075e28a4f87993858e630012cffe96e49ff6717.tar.bz2
samba-4075e28a4f87993858e630012cffe96e49ff6717.zip
r4056: modified the access check code based on results from RAW-ACLS
test. Also added generic mapping bits for pvfs. We don't pass RAW-ACLS yet, but its close. (This used to be commit c7cbd966d49a5345ea326732587555d209c531fc)
Diffstat (limited to 'source4/libcli')
-rw-r--r--source4/libcli/security/access_check.c45
1 files changed, 19 insertions, 26 deletions
diff --git a/source4/libcli/security/access_check.c b/source4/libcli/security/access_check.c
index d8809aebc6..7e70736d09 100644
--- a/source4/libcli/security/access_check.c
+++ b/source4/libcli/security/access_check.c
@@ -42,13 +42,16 @@ static BOOL sid_active_in_token(struct dom_sid *sid, struct nt_user_token *token
/*
perform a SEC_FLAG_MAXIMUM_ALLOWED access check
*/
-static NTSTATUS access_check_max_allowed(struct security_descriptor *sd,
- struct nt_user_token *token,
- uint32_t *access_granted)
+static uint32_t access_check_max_allowed(struct security_descriptor *sd,
+ struct nt_user_token *token)
{
uint32_t denied = 0, granted = 0;
- int i;
+ unsigned i;
+ if (sid_active_in_token(sd->owner_sid, token)) {
+ granted |= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
+ }
+
for (i = 0;i<sd->dacl->num_aces; i++) {
struct security_ace *ace = &sd->dacl->aces[i];
@@ -67,15 +70,7 @@ static NTSTATUS access_check_max_allowed(struct security_descriptor *sd,
}
}
- granted &= ~denied;
-
- if (granted == 0) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
- *access_granted = granted;
-
- return NT_STATUS_OK;
+ return granted & ~denied;
}
/*
@@ -89,16 +84,15 @@ NTSTATUS sec_access_check(struct security_descriptor *sd,
int i;
uint32_t bits_remaining;
- bits_remaining = access_desired;
-
- /* the owner always gets SEC_STD_WRITE_DAC & SEC_STD_READ_CONTROL */
- if (bits_remaining & (SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL)) {
- if (sid_active_in_token(sd->owner_sid, token)) {
- bits_remaining &=
- ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
- }
+ /* handle the maximum allowed flag */
+ if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) {
+ access_desired |= access_check_max_allowed(sd, token);
+ access_desired &= ~SEC_FLAG_MAXIMUM_ALLOWED;
}
+ *access_granted = access_desired;
+ bits_remaining = access_desired;
+
#if 0
/* this is where we should check for the "system security" privilege, once we
move to the full security_token and not just the nt_user_token */
@@ -122,9 +116,10 @@ NTSTATUS sec_access_check(struct security_descriptor *sd,
return NT_STATUS_ACCESS_DENIED;
}
- /* handle the maximum allowed case separately */
- if (access_desired == SEC_FLAG_MAXIMUM_ALLOWED) {
- return access_check_max_allowed(sd, token, access_granted);
+ /* the owner always gets SEC_STD_WRITE_DAC & SEC_STD_READ_CONTROL */
+ if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
+ sid_active_in_token(sd->owner_sid, token)) {
+ bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
}
/* check each ace in turn. */
@@ -156,7 +151,5 @@ NTSTATUS sec_access_check(struct security_descriptor *sd,
return NT_STATUS_ACCESS_DENIED;
}
- *access_granted = access_desired;
-
return NT_STATUS_OK;
}