| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
as the SID list. Now to go through and tidy up the algorithm.
Jeremy.
(This used to be commit 1f7300df6713a6728feb1600ca7e62fc213232fc)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
Changed interface to se_access_check to take a user struct instead of each
bit as a separate parameter.
(This used to be commit ff7938310d0636b165b03a2b0a15e51494b2459f)
|
|
(This used to be commit 898a483cdab1ed7d8ff902c0dc0e0620440ae4cd)
|
|
nsswitch/wb_client.c
Merge of nsswitch/common.c rename to nsswitch/wb_common.c from TNG.
(This used to be commit f866c18f6be65db67d9d2a6c0b42e1af3b421e6c)
|
|
Fixes for se_access_check() when you are the owner of the object.
(This used to be commit 1478198b709b26d0007a8ff0586c34fc6f37a9d2)
|
|
bugs. I think there is a problem though with the permissions granted when
SEC_RIGHTS_MAXIMUM_ALLOWED is passed as the permissions requested.
(This used to be commit 27d821913c87dddd44a0690f4b191c9d2445817e)
|
|
(This used to be commit 6de329f6bf9c26e132869cf43d4976d4881e285c)
|
