diff options
| -rw-r--r-- | source3/include/proto.h | 2 | ||||
| -rw-r--r-- | source3/lib/util_seaccess.c | 2 | ||||
| -rw-r--r-- | source3/lib/util_sid.c | 18 | ||||
| -rw-r--r-- | source3/rpc_server/srv_eventlog_nt.c | 2 |
4 files changed, 8 insertions, 16 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index 03196c30ed..73fe868d84 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -1319,7 +1319,7 @@ bool is_setuid_root(void) ; /* The following definitions come from lib/util_sid.c */ const char *sid_type_lookup(uint32 sid_type) ; -struct security_token *get_system_token(void) ; +const struct security_token *get_system_token(void) ; char *sid_to_fstring(fstring sidstr_out, const struct dom_sid *sid); char *sid_string_talloc(TALLOC_CTX *mem_ctx, const struct dom_sid *sid); char *sid_string_dbg(const struct dom_sid *sid); diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 7e803fcfce..6c16fea585 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -22,8 +22,6 @@ #include "includes.h" -extern struct security_token anonymous_token; - /* Map generic access rights to object specific rights. This technique is used to give meaning to assigning read, write, execute and all access to objects. Each type of object has its own mapping of generic to object diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index 0e5c204378..4e0ddd2e49 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -99,19 +99,13 @@ const struct dom_sid global_sid_Unix_Groups = /* Unmapped Unix groups */ #define SECURITY_NT_AUTHORITY 5 #endif -/* - * An NT compatible anonymous token. - */ - -static struct dom_sid anon_sid_array[3] = -{ { 1, 1, {0,0,0,0,0,1}, {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, - { 1, 1, {0,0,0,0,0,5}, {2,0,0,0,0,0,0,0,0,0,0,0,0,0,0}}, - { 1, 1, {0,0,0,0,0,5}, {7,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; -struct security_token anonymous_token = { 3, anon_sid_array, SE_NONE }; - static struct dom_sid system_sid_array[1] = { { 1, 1, {0,0,0,0,0,5}, {18,0,0,0,0,0,0,0,0,0,0,0,0,0,0}} }; -struct security_token system_token = { 1, system_sid_array, SE_ALL_PRIVS }; +static const struct security_token system_token = { + .num_sids = ARRAY_SIZE(system_sid_array), + .sids = system_sid_array, + .privilege_mask = SE_ALL_PRIVS +}; /**************************************************************************** Lookup string names for SID types. @@ -153,7 +147,7 @@ const char *sid_type_lookup(uint32 sid_type) Create the SYSTEM token. ***************************************************************************/ -struct security_token *get_system_token(void) +const struct security_token *get_system_token(void) { return &system_token; } diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c index 1fc9337a56..96787a374f 100644 --- a/source3/rpc_server/srv_eventlog_nt.c +++ b/source3/rpc_server/srv_eventlog_nt.c @@ -69,7 +69,7 @@ static EVENTLOG_INFO *find_eventlog_info_by_hnd( struct pipes_struct * p, /******************************************************************** ********************************************************************/ -static bool elog_check_access( EVENTLOG_INFO *info, struct security_token *token ) +static bool elog_check_access( EVENTLOG_INFO *info, const struct security_token *token ) { char *tdbname = elog_tdbname(talloc_tos(), info->logname ); struct security_descriptor *sec_desc; |