summaryrefslogtreecommitdiff
path: root/source4/ntvfs
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2006-04-13 11:34:39 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 14:04:06 -0500
commit0dd63e0432d185c1f2397c7cc95489c2d50fc2c5 (patch)
tree3a5990508b862f4176efb167a7f646de97c889aa /source4/ntvfs
parent4d72f3f8d01a754b6caba2e6d729e36247081854 (diff)
downloadsamba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.tar.gz
samba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.tar.bz2
samba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.zip
r15069: - don't crash on a NULL acl
- add the correct access checks for changing sd->group and sd->dacl metze (This used to be commit 2a61f65cd4084bf690caccf87efaf46551a13aee)
Diffstat (limited to 'source4/ntvfs')
-rw-r--r--source4/ntvfs/posix/pvfs_acl.c10
1 files changed, 9 insertions, 1 deletions
diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c
index 53ee63dc0a..90c357934c 100644
--- a/source4/ntvfs/posix/pvfs_acl.c
+++ b/source4/ntvfs/posix/pvfs_acl.c
@@ -52,6 +52,8 @@ static void pvfs_translate_generic_bits(struct security_acl *acl)
{
unsigned i;
+ if (!acl) return;
+
for (i=0;i<acl->num_aces;i++) {
struct security_ace *ace = &acl->aces[i];
ace->access_mask = pvfs_translate_mask(ace->access_mask);
@@ -236,6 +238,9 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
}
if ((secinfo_flags & SECINFO_GROUP) &&
!dom_sid_equal(sd->group_sid, new_sd->group_sid)) {
+ if (!(access_mask & SEC_STD_WRITE_OWNER)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
sd->group_sid = new_sd->group_sid;
status = sidmap_sid_to_unixgid(pvfs->sidmap, sd->owner_sid, &gid);
if (!NT_STATUS_IS_OK(status)) {
@@ -243,14 +248,17 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
}
}
if (secinfo_flags & SECINFO_DACL) {
+ if (!(access_mask & SEC_STD_WRITE_DAC)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
sd->dacl = new_sd->dacl;
pvfs_translate_generic_bits(sd->dacl);
}
if (secinfo_flags & SECINFO_SACL) {
- sd->sacl = new_sd->sacl;
if (!(access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
return NT_STATUS_ACCESS_DENIED;
}
+ sd->sacl = new_sd->sacl;
pvfs_translate_generic_bits(sd->sacl);
}