summaryrefslogtreecommitdiff
path: root/source3/lib
diff options
context:
space:
mode:
Diffstat (limited to 'source3/lib')
-rw-r--r--source3/lib/secdesc.c6
-rw-r--r--source3/lib/util_seaccess.c4
2 files changed, 5 insertions, 5 deletions
diff --git a/source3/lib/secdesc.c b/source3/lib/secdesc.c
index 1da2b3ec93..2987306066 100644
--- a/source3/lib/secdesc.c
+++ b/source3/lib/secdesc.c
@@ -529,7 +529,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
/* First add the regular ACE entry. */
init_sec_ace(new_ace, ptrustee, ace->type,
- ace->access_mask, SEC_ACE_FLAG_INHERITED_ACE);
+ ace->access_mask, 0);
DEBUG(5,("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x"
" inherited as %s:%d/0x%02x/0x%08x\n",
@@ -549,7 +549,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
}
init_sec_ace(new_ace, ptrustee, ace->type,
- ace->access_mask, new_flags | SEC_ACE_FLAG_INHERITED_ACE);
+ ace->access_mask, new_flags);
DEBUG(5, ("se_create_child_secdesc(): %s:%d/0x%02x/0x%08x "
" inherited as %s:%d/0x%02x/0x%08x\n",
@@ -565,7 +565,7 @@ NTSTATUS se_create_child_secdesc(TALLOC_CTX *ctx,
/* Create child security descriptor to return */
new_dacl = make_sec_acl(ctx,
- ACL_REVISION,
+ NT4_ACL_REVISION,
new_ace_list_ndx,
new_ace_list);
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index 17d4b78202..d7fdc9a8b9 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -110,7 +110,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
{
uint32_t denied = 0, granted = 0;
unsigned i;
-
+
if (is_sid_in_token(token, sd->owner_sid)) {
granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
} else if (user_has_privileges(token, &se_restore)) {
@@ -120,7 +120,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
if (sd->dacl == NULL) {
return granted & ~denied;
}
-
+
for (i = 0;i<sd->dacl->num_aces; i++) {
struct security_ace *ace = &sd->dacl->aces[i];