summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/file_access.c27
-rw-r--r--source3/smbd/posix_acls.c25
2 files changed, 27 insertions, 25 deletions
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c
index 964d1af258..4c07bc5a61 100644
--- a/source3/smbd/file_access.c
+++ b/source3/smbd/file_access.c
@@ -183,3 +183,30 @@ bool can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_ST
return can_access_file(conn, fname, psbuf, FILE_WRITE_DATA);
}
+/****************************************************************************
+ Check for an existing default Windows ACL on a directory.
+****************************************************************************/
+
+bool directory_has_default_acl(connection_struct *conn, const char *fname)
+{
+ /* returns talloced off tos. */
+ struct security_descriptor *secdesc = NULL;
+ unsigned int i;
+ NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname,
+ DACL_SECURITY_INFORMATION, &secdesc);
+
+ if (!NT_STATUS_IS_OK(status) || secdesc == NULL) {
+ return false;
+ }
+
+ for (i = 0; i < secdesc->dacl->num_aces; i++) {
+ struct security_ace *psa = &secdesc->dacl->aces[i];
+ if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT|
+ SEC_ACE_FLAG_CONTAINER_INHERIT)) {
+ TALLOC_FREE(secdesc);
+ return true;
+ }
+ }
+ TALLOC_FREE(secdesc);
+ return false;
+}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index d422746a3c..61ee5b4352 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -4310,28 +4310,3 @@ SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname)
return ret_sd;
}
-
-/****************************************************************************
- Check for an existing default Windows ACL on a directory.
-****************************************************************************/
-
-bool directory_has_default_acl(connection_struct *conn, const char *fname)
-{
- SEC_DESC *psd = NULL; /* returns talloced off tos. */
- unsigned int i;
- NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname,
- DACL_SECURITY_INFORMATION, &psd);
-
- if (!NT_STATUS_IS_OK(status) || psd == NULL) {
- return false;
- }
-
- for (i = 0; i < psd->dacl->num_aces; i++) {
- SEC_ACE *psa = &psd->dacl->aces[i];
- if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT|
- SEC_ACE_FLAG_CONTAINER_INHERIT)) {
- return true;
- }
- }
- return false;
-}