diff options
author | Stefan Metzmacher <metze@samba.org> | 2006-04-13 11:34:39 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 14:04:06 -0500 |
commit | 0dd63e0432d185c1f2397c7cc95489c2d50fc2c5 (patch) | |
tree | 3a5990508b862f4176efb167a7f646de97c889aa /source4/ntvfs | |
parent | 4d72f3f8d01a754b6caba2e6d729e36247081854 (diff) | |
download | samba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.tar.gz samba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.tar.bz2 samba-0dd63e0432d185c1f2397c7cc95489c2d50fc2c5.zip |
r15069: - don't crash on a NULL acl
- add the correct access checks for changing sd->group and sd->dacl
metze
(This used to be commit 2a61f65cd4084bf690caccf87efaf46551a13aee)
Diffstat (limited to 'source4/ntvfs')
-rw-r--r-- | source4/ntvfs/posix/pvfs_acl.c | 10 |
1 files changed, 9 insertions, 1 deletions
diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c index 53ee63dc0a..90c357934c 100644 --- a/source4/ntvfs/posix/pvfs_acl.c +++ b/source4/ntvfs/posix/pvfs_acl.c @@ -52,6 +52,8 @@ static void pvfs_translate_generic_bits(struct security_acl *acl) { unsigned i; + if (!acl) return; + for (i=0;i<acl->num_aces;i++) { struct security_ace *ace = &acl->aces[i]; ace->access_mask = pvfs_translate_mask(ace->access_mask); @@ -236,6 +238,9 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs, } if ((secinfo_flags & SECINFO_GROUP) && !dom_sid_equal(sd->group_sid, new_sd->group_sid)) { + if (!(access_mask & SEC_STD_WRITE_OWNER)) { + return NT_STATUS_ACCESS_DENIED; + } sd->group_sid = new_sd->group_sid; status = sidmap_sid_to_unixgid(pvfs->sidmap, sd->owner_sid, &gid); if (!NT_STATUS_IS_OK(status)) { @@ -243,14 +248,17 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs, } } if (secinfo_flags & SECINFO_DACL) { + if (!(access_mask & SEC_STD_WRITE_DAC)) { + return NT_STATUS_ACCESS_DENIED; + } sd->dacl = new_sd->dacl; pvfs_translate_generic_bits(sd->dacl); } if (secinfo_flags & SECINFO_SACL) { - sd->sacl = new_sd->sacl; if (!(access_mask & SEC_FLAG_SYSTEM_SECURITY)) { return NT_STATUS_ACCESS_DENIED; } + sd->sacl = new_sd->sacl; pvfs_translate_generic_bits(sd->sacl); } |