diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2007-07-19 07:48:26 +0000 |
|---|---|---|
| committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 15:01:13 -0500 |
| commit | 3a1b90ec755d89d9d7a358c0f477e51b217218ea (patch) | |
| tree | dfc3c9e1d42ef68d30bfd67a1b6dda11fa9953b7 /source4 | |
| parent | bb681188407055a7ea77cdaa76600dac37ae3096 (diff) | |
| download | samba-3a1b90ec755d89d9d7a358c0f477e51b217218ea.tar.gz samba-3a1b90ec755d89d9d7a358c0f477e51b217218ea.tar.bz2 samba-3a1b90ec755d89d9d7a358c0f477e51b217218ea.zip | |
r23966: It isn't great, but at least now we have some access control in SWAT
This patch prevents non-root and non-administrator users from running
the provision, upgrade and vampire pages. *I think* the rest of SWAT
is LDB operations, or otherwise authenticated, so we should now be
secure.
I wish I had a better way to 'prove' we got this right, but this is better than nothing, and moves us closer to an alpha.
Andrew Bartlett
(This used to be commit d61061052dc4711f886199e49bc303002c8f9b11)
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/dsdb/samdb/samdb_privilege.c | 5 | ||||
| -rw-r--r-- | source4/scripting/ejs/smbcalls_auth.c | 45 |
2 files changed, 50 insertions, 0 deletions
diff --git a/source4/dsdb/samdb/samdb_privilege.c b/source4/dsdb/samdb/samdb_privilege.c index 16d34938c6..2313385604 100644 --- a/source4/dsdb/samdb/samdb_privilege.c +++ b/source4/dsdb/samdb/samdb_privilege.c @@ -80,6 +80,11 @@ _PUBLIC_ NTSTATUS samdb_privilege_setup(struct security_token *token) NTSTATUS status; /* Shortcuts to prevent recursion and avoid lookups */ + if (token->user_sid == NULL) { + token->privilege_mask = 0; + return NT_STATUS_OK; + } + if (security_token_is_system(token)) { token->privilege_mask = ~0; return NT_STATUS_OK; diff --git a/source4/scripting/ejs/smbcalls_auth.c b/source4/scripting/ejs/smbcalls_auth.c index 94a74e8e2a..33d7f2cf0e 100644 --- a/source4/scripting/ejs/smbcalls_auth.c +++ b/source4/scripting/ejs/smbcalls_auth.c @@ -27,6 +27,7 @@ #include "scripting/ejs/smbcalls.h" #include "lib/events/events.h" #include "lib/messaging/irpc.h" +#include "libcli/security/security.h" static int ejs_doauth(MprVarHandle eid, TALLOC_CTX *tmp_ctx, struct MprVar *auth, const char *username, @@ -39,6 +40,7 @@ static int ejs_doauth(MprVarHandle eid, struct auth_context *auth_context; struct MprVar *session_info_obj; NTSTATUS nt_status; + bool set; struct smbcalls_context *c; struct event_context *ev; @@ -111,6 +113,32 @@ static int ejs_doauth(MprVarHandle eid, goto done; } + if (security_token_has_nt_authenticated_users(session_info->security_token)) { + mprSetPropertyValue(auth, "user_class", mprString("USER")); + set = true; + } + + if (security_token_has_builtin_administrators(session_info->security_token)) { + mprSetPropertyValue(auth, "user_class", mprString("ADMINISTRATOR")); + set = true; + } + + if (security_token_is_system(session_info->security_token)) { + mprSetPropertyValue(auth, "user_class", mprString("SYSTEM")); + set = true; + } + + if (security_token_is_anonymous(session_info->security_token)) { + mprSetPropertyValue(auth, "report", mprString("Anonymous login not permitted")); + mprSetPropertyValue(auth, "result", mprCreateBoolVar(False)); + goto done; + } + + if (!set) { + mprSetPropertyValue(auth, "report", mprString("Session Info generation failed")); + mprSetPropertyValue(auth, "result", mprCreateBoolVar(False)); + } + session_info_obj = mprInitObject(eid, "session_info", 0, NULL); mprSetPtrChild(session_info_obj, "session_info", session_info); @@ -121,6 +149,23 @@ static int ejs_doauth(MprVarHandle eid, mprSetPropertyValue(auth, "username", mprString(server_info->account_name)); mprSetPropertyValue(auth, "domain", mprString(server_info->domain_name)); + if (security_token_is_system(session_info->security_token)) { + mprSetPropertyValue(auth, "report", mprString("SYSTEM")); + } + + if (security_token_is_anonymous(session_info->security_token)) { + mprSetPropertyValue(auth, "report", mprString("ANONYMOUS")); + } + + if (security_token_has_builtin_administrators(session_info->security_token)) { + mprSetPropertyValue(auth, "report", mprString("ADMINISTRATOR")); + } + + if (security_token_has_nt_authenticated_users(session_info->security_token)) { + mprSetPropertyValue(auth, "report", mprString("USER")); + } + + done: return 0; } |