summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/proto.h2
-rw-r--r--source3/smbd/service.c19
2 files changed, 12 insertions, 9 deletions
diff --git a/source3/smbd/proto.h b/source3/smbd/proto.h
index 5eb899ffb5..abc6b289c0 100644
--- a/source3/smbd/proto.h
+++ b/source3/smbd/proto.h
@@ -979,7 +979,7 @@ void smbd_exit_server_cleanly(const char *const reason) _NORETURN_;
bool set_conn_connectpath(connection_struct *conn, const char *connectpath);
NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum);
-void create_share_access_mask(connection_struct *conn, int snum);
+uint32_t create_share_access_mask(connection_struct *conn, int snum);
bool set_current_service(connection_struct *conn, uint16 flags, bool do_chdir);
void load_registry_shares(void);
int add_home_service(const char *service, const char *username, const char *homedir);
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 828c036360..1cd12a6fdc 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -515,34 +515,37 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
Setup the share access mask for a connection.
****************************************************************************/
-void create_share_access_mask(connection_struct *conn, int snum)
+uint32_t create_share_access_mask(connection_struct *conn, int snum)
{
const struct security_token *token = conn->session_info->security_token;
+ uint32_t share_access = 0;
share_access_check(token,
lp_servicename(talloc_tos(), snum),
MAXIMUM_ALLOWED_ACCESS,
- &conn->share_access);
+ &share_access);
if (!CAN_WRITE(conn)) {
- conn->share_access &=
+ share_access &=
~(SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA |
SEC_FILE_WRITE_EA | SEC_FILE_WRITE_ATTRIBUTE |
SEC_DIR_DELETE_CHILD );
}
if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) {
- conn->share_access |= SEC_FLAG_SYSTEM_SECURITY;
+ share_access |= SEC_FLAG_SYSTEM_SECURITY;
}
if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
- conn->share_access |= (SEC_RIGHTS_PRIV_RESTORE);
+ share_access |= (SEC_RIGHTS_PRIV_RESTORE);
}
if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) {
- conn->share_access |= (SEC_RIGHTS_PRIV_BACKUP);
+ share_access |= (SEC_RIGHTS_PRIV_BACKUP);
}
if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
- conn->share_access |= (SEC_STD_WRITE_OWNER);
+ share_access |= (SEC_STD_WRITE_OWNER);
}
+
+ return share_access;
}
/****************************************************************************
@@ -654,7 +657,7 @@ static NTSTATUS make_connection_snum(struct smbd_server_connection *sconn,
*
*/
- create_share_access_mask(conn, snum);
+ conn->share_access = create_share_access_mask(conn, snum);
if ((conn->share_access & FILE_WRITE_DATA) == 0) {
if ((conn->share_access & FILE_READ_DATA) == 0) {