summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--source3/rpc_server/srv_reg_nt.c8
-rw-r--r--source3/rpc_server/srv_svcctl_nt.c10
2 files changed, 17 insertions, 1 deletions
diff --git a/source3/rpc_server/srv_reg_nt.c b/source3/rpc_server/srv_reg_nt.c
index 07ebe4e20c..7a48b8dd22 100644
--- a/source3/rpc_server/srv_reg_nt.c
+++ b/source3/rpc_server/srv_reg_nt.c
@@ -46,6 +46,14 @@ NTSTATUS registry_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
se_map_generic( &access_desired, &reg_generic_map );
se_access_check( sec_desc, token, access_desired, access_granted, &result );
+
+ if ( !NT_STATUS_IS_OK(result) ) {
+ if ( geteuid() == sec_initial_uid() ) {
+ DEBUG(5,("registry_access_check: access check bypassed for 'root'\n"));
+ *access_granted = access_desired;
+ return NT_STATUS_OK;
+ }
+ }
return result;
}
diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index 2e44dc3692..16c3259840 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -59,10 +59,18 @@ static NTSTATUS svcctl_access_check( SEC_DESC *sec_desc, NT_USER_TOKEN *token,
uint32 access_desired, uint32 *access_granted )
{
NTSTATUS result;
-
+
/* maybe add privilege checks in here later */
se_access_check( sec_desc, token, access_desired, access_granted, &result );
+
+ if ( !NT_STATUS_IS_OK(result) ) {
+ if ( geteuid() == sec_initial_uid() ) {
+ DEBUG(5,("svcctl_access_check: access check bypassed for 'root'\n"));
+ *access_granted = access_desired;
+ return NT_STATUS_OK;
+ }
+ }
return result;
}
generated by cgit (git 2.34.1) at 2024-07-14 06:01:36 +0000