summaryrefslogtreecommitdiff
path: root/source4/torture/raw
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2005-01-09 04:31:32 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 13:08:33 -0500
commit4e73b4b222f9977f006002b945c21fddc72a3b05 (patch)
treecc0381ac1ac8596cf21bfc00497de75a6839f380 /source4/torture/raw
parent770c65affdefe289d89238ee90834bac90acf46b (diff)
downloadsamba-4e73b4b222f9977f006002b945c21fddc72a3b05.tar.gz
samba-4e73b4b222f9977f006002b945c21fddc72a3b05.tar.bz2
samba-4e73b4b222f9977f006002b945c21fddc72a3b05.zip
r4612: make the output for the w2k3 acl bug a bit clearer
(This used to be commit 24ec8c4274241576683f1f6c86c33a2dfa43848c)
Diffstat (limited to 'source4/torture/raw')
-rw-r--r--source4/torture/raw/acls.c19
1 files changed, 19 insertions, 0 deletions
diff --git a/source4/torture/raw/acls.c b/source4/torture/raw/acls.c
index 97f5f4f5e1..cc99b40050 100644
--- a/source4/torture/raw/acls.c
+++ b/source4/torture/raw/acls.c
@@ -1214,6 +1214,25 @@ static BOOL test_inheritance(struct smbcli_state *cli, TALLOC_CTX *mem_ctx)
io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
status = smb_raw_open(cli->tree, mem_ctx, &io);
+ if (NT_STATUS_IS_OK(status)) {
+ printf("failed: w2k3 ACL bug (allowed open when ACL should deny)\n");
+ ret = False;
+ fnum2 = io.ntcreatex.out.fnum;
+ smbcli_close(cli->tree, fnum2);
+ } else {
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+ }
+
+ printf("trying without execute\n");
+ io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
+ io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL & ~SEC_FILE_EXECUTE;
+ status = smb_raw_open(cli->tree, mem_ctx, &io);
+ CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
+
+ printf("and with full permissions again\n");
+ io.ntcreatex.in.open_disposition = NTCREATEX_DISP_OPEN;
+ io.ntcreatex.in.access_mask = SEC_RIGHTS_FILE_ALL;
+ status = smb_raw_open(cli->tree, mem_ctx, &io);
CHECK_STATUS(status, NT_STATUS_ACCESS_DENIED);
io.ntcreatex.in.access_mask = SEC_FILE_WRITE_DATA;