summaryrefslogtreecommitdiff
path: root/source3/smbd/nttrans.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd/nttrans.c')
-rw-r--r--source3/smbd/nttrans.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index 3a9f6813ec..caba21161c 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1837,6 +1837,16 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
* Get the permissions to return.
*/
+ if ((security_info_wanted & SECINFO_SACL) &&
+ !(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
+ if ((security_info_wanted & (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP)) &&
+ !(fsp->access_mask & SEC_STD_READ_CONTROL)) {
+ return NT_STATUS_ACCESS_DENIED;
+ }
+
if (!lp_nt_acl_support(SNUM(conn))) {
status = get_null_nt_acl(mem_ctx, &psd);
} else {
generated by cgit (git 2.34.1) at 2024-07-03 08:53:03 +0000