diff options
Diffstat (limited to 'source3/lib')
-rw-r--r-- | source3/lib/util_seaccess.c | 8 | ||||
-rw-r--r-- | source3/lib/util_sid.c | 11 |
2 files changed, 4 insertions, 15 deletions
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index 13032b8779..af7ba24194 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -110,7 +110,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, uint32_t denied = 0, granted = 0; unsigned i; - if (is_sid_in_token(token, sd->owner_sid)) { + if (security_token_has_sid(token, sd->owner_sid)) { granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE; } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { granted |= SEC_STD_DELETE; @@ -127,7 +127,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, continue; } - if (!is_sid_in_token(token, &ace->trustee)) { + if (!security_token_has_sid(token, &ace->trustee)) { continue; } @@ -198,7 +198,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, /* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */ if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) && - is_sid_in_token(token, sd->owner_sid)) { + security_token_has_sid(token, sd->owner_sid)) { bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE); } if ((bits_remaining & SEC_STD_DELETE) && @@ -218,7 +218,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, continue; } - if (!is_sid_in_token(token, &ace->trustee)) { + if (!security_token_has_sid(token, &ace->trustee)) { continue; } diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index d28333f9da..25933116c4 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -441,17 +441,6 @@ bool is_null_sid(const struct dom_sid *sid) return dom_sid_equal(sid, &null_sid); } -bool is_sid_in_token(const struct security_token *token, const struct dom_sid *sid) -{ - int i; - - for (i=0; i<token->num_sids; i++) { - if (dom_sid_compare(sid, &token->sids[i]) == 0) - return true; - } - return false; -} - NTSTATUS sid_array_from_info3(TALLOC_CTX *mem_ctx, const struct netr_SamInfo3 *info3, struct dom_sid **user_sids, |