Age | Commit message (Collapse) | Author | Files | Lines |
|
easily create complex security descriptors for testing. This greatly
simplifies the smbtorture code I am writing for testing our
new access_check code.
(This used to be commit 891a8bc16af3c6ce5800e793ce4ec8b0078e444f)
|
|
against a users security token and access_mask
(This used to be commit c4d21cd4b1ccffd5aaa70a551c57f6eab1ca9c6d)
|
|
verify that the security descriptor found in the SamSync is the same
as what is available over SAMR.
Unfortunately, the administrator seems unable to retrieve the SACL on
the security descriptor, so I've added a new function to compare with
a mask.
Andrew Bartlett
(This used to be commit 39ae5e1dac31a22086be50fb23261e02be877f3f)
|
|
- fixed revision number on default DACL
- fixed DACL_PRESENT bit in acl query
with these fixes cacls.exe and the GUI ACL editor in w2k both work
against pvfs. The GUI editor is slow as it times out looking up the
SID -> name mappings.
(This used to be commit 4468018cb63fd884920c2b0f5235bded50c6b5db)
|
|
based on the current nttoken, which is completely wrong, but works as a start.
The ACL is stored in the xattr system.DosAcl, using a NDR encoded IDL
union with a version number to allow for future expansion.
pvfs does not yet check the ACL for file access. At the moment the ACL
is just query/set.
We also need to do some RPC work to allow the windows ACL editor to be
used. At the moment is queries the ACL fine, but displays an error
when it fails to map the SIDs via rpc.
(This used to be commit 3a1f20d874ab2d8b2a2f2485b7a705847abf1263)
|
|
(This used to be commit 2ff9816ae0ae41e0e63e4276a70d292888346dc7)
|
|
- move dom_sid, security_descriptor, security_* funtions to one place
and rename some of them
metze
(This used to be commit b620bdd672cfdf0e009492e648b0709e6b6d8596)
|