Age | Commit message (Collapse) | Author | Files | Lines |
|
insert_in_object_tree()
This removes special-case for initalising the children array in
insert_in_object_tree(). talloc_realloc() handles the intial allocate
case perfectly well, so there is no need to have this duplicated.
This also restores having just one place were the rest of the elements
are intialised, to ensure uniform behaviour.
To do this, we have to rework insert_in_object_tree to have only one
output variable, both because having both root and new_node as output
variables was too confusing, and because otherwise the two pointers
were being allowed to point at the same memory.
Andrew Bartlett
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
The inherited_type is only used to decide if aces should be inherited
effectively or not (INHERIT_ONLY) for the specified object.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Matthieu Patou <mat@matws.net>
|
|
(bug #9554 - CVE-2013-0172)
It is critically important that we initialise this element as otherwise
all access is permitted.
Andrew Bartlett
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit a75805490d96a85786287f5d0522dd7671d6816e)
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
bool priv_open_requested parameter.
|
|
Change se_create_child_secdesc() to handle inheritance correctly.
|
|
there is a libsecurity on OSF1 which clasheѕ with our security lib. see bug #9023.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Autobuild-User(master): Björn Jacke <bj@sernet.de>
Autobuild-Date(master): Fri Aug 10 14:22:21 CEST 2012 on sn-devel-104
|
|
|
|
se_access_check accepts.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 05:08:03 CET 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Mar 14 02:26:34 CET 2012 on sn-devel-104
|
|
Signed-off-by: Jeremy Allison <jra@samba.org>
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Sat Mar 10 01:33:45 CET 2012 on sn-devel-104
|
|
has no permission for that, but token has SeTakeOwnershipPrivilege
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
|
|
Ensure we process the entire ACE list instead of returning ACCESS_DENIED
and terminating the walk - ensure we only return the exact bits that cause
the access to be denied. Some of the S3 fileserver needs to know if we
are only denied DELETE access before overriding it by looking at the
containing directory ACL.
Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Wed Jan 11 19:24:53 CET 2012 on sn-devel-104
|
|
add the S-1-2 well-known SID family
Autobuild-User: Christian Ambach <ambi@samba.org>
Autobuild-Date: Thu Nov 24 19:01:08 CET 2011 on sn-devel-104
|
|
The s3-waf build system is a key component of the top level build, but
with this commit is is no longer available directly. This reduces the
number of build system combinations in master as we prepare for the
Samba 4.0 release.
Andrew Bartlett
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Wed Aug 17 16:46:24 CEST 2011 on sn-devel-104
|
|
|
|
|
|
|
|
|
|
metze
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sat Jun 18 22:26:15 CEST 2011 on sn-devel-104
|
|
Guenther
|
|
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Tue May 31 23:16:31 CEST 2011 on sn-devel-104
|
|
This code does not rely on lp_ or other source3 only functions, so can
be part of the common library.
Andrew Bartlett
|
|
Guenther
|
|
This returns a pointer to the first non-parsed character, along the lines of
strtoul for example.
Signed-off-by: Jeremy Allison <jra@samba.org>
|
|
This changes auth_session_info_transport to just be a wrapper, rather
than a copy that has to be kept in sync.
As auth_session_info was already wrapped in python, this required
changes to the existing pyauth wrapper and it's users.
Andrew Bartlett
|
|
by default
In the file server SEC_STD_DELETE is granted on the file/directory
or by FILE_DELETE_CHILD on the parent directory.
metze
Autobuild-User: Stefan Metzmacher <metze@samba.org>
Autobuild-Date: Mon Mar 21 23:25:05 CET 2011 on sn-devel-104
|
|
|
|
security.h grouping header.
Guenther
|
|
thanks to Simo for pointing this out
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Wed Mar 16 00:25:10 CET 2011 on sn-devel-104
|
|
Autobuild-User: Andrew Tridgell <tridge@samba.org>
Autobuild-Date: Tue Mar 15 05:07:01 CET 2011 on sn-devel-104
|
|
the bin/default/include/public directory will contain headers that are
ready to install
|
|
|
|
This prints into a fixed buffer with the same overflow semantics as snprintf
has: Return required string length, regardless of whether it fit or not.
|
|
Autobuild-User: Andrew Bartlett <abartlet@samba.org>
Autobuild-Date: Tue Mar 1 07:13:43 CET 2011 on sn-devel-104
|
|
This code is now useful in common, as the elements of the
auth_session_info structure have now been defined in common IDL.
Andrew Bartlett
|
|
These strictly need to be "uint32_t" since "acl*->num_aces" has been
defined by this type.
This counter patchset has been reviewed by Andrew Bartlett.
|
|
This strictly needs to be from type "uint32_t" since "privset->count"
is defined with this type.
|
|
Since the privileges are always counted with a signed integer, there is no
reason to specify the upper limit with a "uint32_t".
|
|
This strictly needs to be from type "uint32_t" since "acl->num_aces" is
defined of this type.
|
|
This strictly needs to be of type "uint32_t" due to
"sec_acl->num_aces" which is of type "uint32_t".
|
|
|