samba - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author	Files	Lines
2010-04-22	s4-drs: added new SECURITY_RO_DOMAIN_CONTROLLER level	Andrew Tridgell	2	-6/+18
	This is used for allowing operations by RODCs, and denying them operations that should only be allowed for a full DC This required a new domain_sid argument to security_session_user_level() Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org> Pair-Programmed-With: Rusty Russell <rusty@samba.org>
2010-04-20	Removed more excess looping and fixed problem with incorrect IO flag handling.	Nadezhda Ivanova	1	-126/+81

2010-04-15	A bit of refactoring in the SD creation code.	Nadezhda Ivanova	1	-127/+71

2010-04-06	s4-waf: removed the AUTOGENERATED markers	Andrew Tridgell	1	-4/+0
	we won't be using the mk -> wscript generator again
2010-04-06	s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵	Andrew Tridgell	1	-0/+2
	them
2010-04-06	build: waf quicktest nearly works	Andrew Tridgell	1	-1/+1
	Rewrote wafsamba using a new dependency handling system, and started adding the waf test code
2010-04-06	build: commit all the waf build files in the tree	Andrew Tridgell	1	-0/+10

2010-03-25	python: use '#!/usr/bin/env python' to cope with varying install locations	Andrew Tridgell	1	-1/+1
	this should be much more portable
2010-03-24	Missing include guard in source4/libcli/security/security.h	Jeremy Allison	1	-0/+5
	Jeremy.
2010-03-03	s4:move the sddl code down to the top level	Michael Adam	3	-627/+2
	Michael
2010-02-02	Change uint_t to unsigned int in source4	Matt Kraai	1	-1/+1
	Signed-off-by: Stefan Metzmacher <metze@samba.org>
2010-01-02	s4-sddl: DRS replication needs REVISION_ADS for SDs	Andrew Tridgell	1	-1/+1
	DRS replication with w2k8-r2 fails with a schema mismatch error if we set the revision to NT4
2009-12-31	py/security: Add test for dom_sid.split.	Jelmer Vernooij	1	-3/+8
	Signed-off-by: Andrew Tridgell <tridge@samba.org>
2009-12-17	Fixed incorrect checking of PRINCIPAL_SELF permissions.	Nadezhda Ivanova	1	-3/+12
	If an ace has the PRINCIPAL_SELF as trustee, this sid has to be replaced with the onjectSid of the object being checked. PRINCIPAL_SELF is the way to grant rights to an account over itself.
2009-11-27	s4:security/sddl - rework of the security descriptor abbreviations	Matthias Dieter Wallnöfer	1	-28/+33
	- Reoder them - Add some new ones (needed for the security descriptor in the provision script)
2009-11-17	Fixed incorrect SID for RAS Servers.	Nadezhda Ivanova	2	-1/+2

2009-11-15	Fixed some major bugs in inheritance and access checks.	Nadezhda Ivanova	1	-13/+16
	Fixed sd creation not working on LDAP modify. Fixed incorrect replacement of CO and CG. Fixed incorrect access check on modify for SD modification. Fixed failing sec_descriptor test and enabled it. Fixed failing sd add test in ldap.python
2009-11-05	Version 1.0 of the directory service acls module.	Nadezhda Ivanova	2	-47/+60
	At this point, support for checks on LDAP add, delete, rename and modify. Old kludge_acl is still there to handle the searches. This module is synchronous as the async version was impossible to debug, will be converted to async after some user testing.
2009-11-03	Fixed some missing flags and bugs in the security creation.	Nadezhda Ivanova	1	-11/+47
	Also, added some logging. It needs improvement, possibly ability to turn in on and off via configuration file.
2009-11-03	Fixed a bug in object specific access checks.	Nadezhda Ivanova	1	-2/+4

2009-10-22	s4:libcli/security/access_check - Add "const" in front of "type"	Matthias Dieter Wallnöfer	1	-1/+1
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-10-17	s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks	Andrew Tridgell	1	-6/+2

2009-10-17	s4-security: honor more of the privilege access bits	Andrew Tridgell	1	-4/+12

2009-10-02	s4: fix various warnings (not "const" related ones)	Matthias Dieter Wallnöfer	1	-3/+3

2009-09-28	s4-acl: fixed SD creation	Andrew Tridgell	1	-12/+22
	Thanks for Nadya and Metze for this. The SDs were being created with invalid fields (noticed by w2k8-r2 client when joining our domain)
2009-09-24	Fixed a dereferenced null pointer.	Nadezhda Ivanova	1	-16/+14

2009-09-21	Initial Implementation of the DS objects access checks.	Nadezhda Ivanova	4	-1/+252
	Currently disabled. The search will be greatly modified, also the object tree stuff will be simplified.
2009-09-20	Initial implementation of security descriptor creation in DS	Nadezhda Ivanova	1	-4/+348
	TODO's: ACE sorting and clarifying the inheritance of object specific ace's.
2009-09-17	pyldb: Don't segfault when invalid type is specified to as_sddl and from_sddl.	Matthieu Patou	1	-0/+17
	Fix bug #6723
2009-09-16	Owner and group defaulting.	Nadezhda Ivanova	2	-1/+118
	Signed-off-by: Andrew Bartlett <abartlet@samba.org>
2009-09-15	s4-security: added a new security level SECURITY_DOMAIN_CONTROLLER	Andrew Tridgell	2	-0/+10
	This will be used as a simple way to lock down DRS replication to administrators and domain controllers
2009-07-19	Fix typo	Matthias Dieter Wallnöfer	1	-1/+1

2009-05-29	s4: Add additional 2-letter SID/RID mappings.	Andrew Kroeger	1	-0/+23
	Information from http://msdn.microsoft.com/en-us/library/aa379602(VS.85).aspx
2009-05-20	s4: try to fix privileges implementation in order to pass the ↵	Günther Deschner	1	-1/+5
	RPC-SAMR-USERS-PRIVILEGES test. Guenther
2009-04-23	Fix of a bug in the security.descriptor.as_sddl() method	nadezhda ivanova	1	-0/+6
	security.descriptor.as_sddl() method did not work correctly when invoked without supplying the domain sid. Returned the same value as when the sid was provided. Test added for this case in libcli/security/tests/bindings.py Signed-off-by: Jelmer Vernooij <jelmer@samba.org>
2009-04-21	Move the security_descriptor utility code to the top-level.	Jelmer Vernooij	3	-535/+2

2009-04-20	Add a unit test for security_descriptor.as_sddl() without arguments.	Jelmer Vernooij	1	-0/+10

2009-03-25	display_sec: Move to common libcli/security directory.	Jelmer Vernooij	1	-2/+0

2009-03-01	Add header files for secace and secacl.	Jelmer Vernooij	1	-1/+2

2009-03-01	Move secacl to top-level.	Jelmer Vernooij	1	-1/+2

2009-03-01	Move secace.c to top-level.	Jelmer Vernooij	1	-1/+2

2009-02-01	shared: Move dom_sid_* utility functions to top level	Kai Blin	3	-308/+5

2009-01-30	Fix the mess with ldb includes.	Simo Sorce	1	-1/+0
	Separate again the public from the private headers. Add a new header specific for modules. Also add service function for modules as now ldb_context and ldb_module are opaque structures for them.
2009-01-22	Implement as_sddl.	Jelmer Vernooij	1	-0/+10

2009-01-22	Support parsing sddl for security descriptors.	Jelmer Vernooij	1	-0/+8

2008-12-23	Fix more compiler warnings in various places.	Jelmer Vernooij	1	-1/+0

2008-12-21	Fix comparison in tests now that we use __cmp__ rather than __eq__.	Jelmer Vernooij	1	-2/+2

2008-12-21	Fix more tests, improve repr() functions for various Python types.	Jelmer Vernooij	2	-8/+8

2008-12-21	Simplify customization of pidl-generated Python modules.	Jelmer Vernooij	1	-16/+24

2008-12-21	Merge the rest of security.i into samba.dcerpc.security.	Jelmer Vernooij	4	-3701/+0