Age | Commit message (Collapse) | Author | Files | Lines |
|
A client can send a full security_descriptor while just passing
sd_flags of SECINFO_DACL.
We need to NULL out elements which will be ignored depending on
the sd_flags and may set the old owner/group sids. Otherwise
the calculation of the DACL/SACL can replace CREATOR_OWNER with
the wrong sid.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Nov 30 18:59:50 CET 2012 on sn-devel-104
|
|
replicated changes
We only do so if the replicated object is not deleted.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
This can only be triggered by ourself, that's why we expect
control->data == module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The propagation of nTSecurityDescriptor doesn't change the
replProperyMetaData.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Now that the acl module checks for SEC_ADS_DELETE_TREE,
we can do the recursive delete AS_SYSTEM.
We need to pass the TRUSTED flags as we operate from
the TOP module.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
We add AS_SYSTEM and SHOW_RECYCLED to the helper search,
don't let the caller specify additional controls.
This also fixes a problem when the caller also specified AS_SYSTEM.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
(bug #7711)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
DSDB_SECRET_ATTRIBUTES_EX
See [MS-ADTS] 3.1.1.4.4 Extended Access Checks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The @KLUDGEACL record might not be uptodate.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
modify
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
nTSecurityDescriptor
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
If the nTSecurityDescriptor attribute is not specified,
we have nothing to do.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
sd == NULL is checked before.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
descriptor_{add,modify,rename}
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
default one
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
We need to base the access mask on the given SD Flags.
Originally, we always checked for SEC_FLAG_SYSTEM_SECURITY,
which could lead to INSUFFICIENT_RIGHTS when we should
have been allowed to read.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Note that SHOW_RECYCLED implies SHOW_DELETED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
nTSecurityDescriptor
The access_mask depends on the SD Flags.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
is set
In that case the acl_read module does the protection.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The searches are done in order to do access checks
and the results are not directly exposed to the client.
Note that SHOW_RECYCLED implies SHOW_DELETED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
See [MS-ADTS] 6.1.3.2 SD Flags Control:
...
When performing an LDAP add operation, the client can supply an SD flags control
with the operation; however, it will be ignored by the server.
...
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
nTSecurityDescriptor
If the nTSecurityDescriptor is explicitly specified
without the SD Flags control we should go through descriptor_search_callback().
This is not strictly needed at the moment, but makes the code clearer
and might avoid surprises in the future.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
SHOW_RECYCLED
Note that SHOW_RECYCLED implies SHOW_DELETED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
The search is done in order to do access checks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Note that SHOW_RECYCLED implies SHOW_DELETED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Note that SHOW_RECYCLED implies SHOW_DELETED.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
As anonymous users can read all rootdse attributes,
we should do helper searches with DSDB_FLAG_AS_SYSTEM
in order to avoid unnecessary access checks.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
A value of 0 is mapped to 0xF.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
|