diff options
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/smbd/file_access.c | 27 | ||||
| -rw-r--r-- | source3/smbd/posix_acls.c | 25 |
2 files changed, 27 insertions, 25 deletions
diff --git a/source3/smbd/file_access.c b/source3/smbd/file_access.c index 964d1af258..4c07bc5a61 100644 --- a/source3/smbd/file_access.c +++ b/source3/smbd/file_access.c @@ -183,3 +183,30 @@ bool can_write_to_file(connection_struct *conn, const char *fname, SMB_STRUCT_ST return can_access_file(conn, fname, psbuf, FILE_WRITE_DATA); } +/**************************************************************************** + Check for an existing default Windows ACL on a directory. +****************************************************************************/ + +bool directory_has_default_acl(connection_struct *conn, const char *fname) +{ + /* returns talloced off tos. */ + struct security_descriptor *secdesc = NULL; + unsigned int i; + NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname, + DACL_SECURITY_INFORMATION, &secdesc); + + if (!NT_STATUS_IS_OK(status) || secdesc == NULL) { + return false; + } + + for (i = 0; i < secdesc->dacl->num_aces; i++) { + struct security_ace *psa = &secdesc->dacl->aces[i]; + if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT| + SEC_ACE_FLAG_CONTAINER_INHERIT)) { + TALLOC_FREE(secdesc); + return true; + } + } + TALLOC_FREE(secdesc); + return false; +} diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index d422746a3c..61ee5b4352 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -4310,28 +4310,3 @@ SEC_DESC *get_nt_acl_no_snum( TALLOC_CTX *ctx, const char *fname) return ret_sd; } - -/**************************************************************************** - Check for an existing default Windows ACL on a directory. -****************************************************************************/ - -bool directory_has_default_acl(connection_struct *conn, const char *fname) -{ - SEC_DESC *psd = NULL; /* returns talloced off tos. */ - unsigned int i; - NTSTATUS status = SMB_VFS_GET_NT_ACL(conn, fname, - DACL_SECURITY_INFORMATION, &psd); - - if (!NT_STATUS_IS_OK(status) || psd == NULL) { - return false; - } - - for (i = 0; i < psd->dacl->num_aces; i++) { - SEC_ACE *psa = &psd->dacl->aces[i]; - if (psa->flags & (SEC_ACE_FLAG_OBJECT_INHERIT| - SEC_ACE_FLAG_CONTAINER_INHERIT)) { - return true; - } - } - return false; -} |