From a49b2ea9c8b66d7e0fa3b256277a1b317f504a40 Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Wed, 27 Jun 2007 22:45:08 +0000
Subject: r23640: When we support the SeSecurity privilage, this is where we'll
 check it. Jeremy. (This used to be commit
 1b73bf79f4f8a2bc408d52a1ce9df47f33fb3a87)

---
 source3/smbd/nttrans.c | 21 +++++++++++++++++++++
 1 file changed, 21 insertions(+)

diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index c13e35698b..2c259713c2 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -702,6 +702,17 @@ int reply_ntcreate_and_X(connection_struct *conn,
 		}
 	}
 
+#if 0
+	/* We need to support SeSecurityPrivilege for this. */
+	if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY)) && 
+			!user_has_privileges(current_user.nt_user_token,
+				&se_security)) {
+		restore_case_semantics(conn, file_attributes);
+		END_PROFILE(SMBntcreateX);
+		return ERROR_NT(NT_STATUS_PRIVILEGE_NOT_HELD);
+	}
+#endif
+
 	/*
 	 * If it's a request for a directory open, deal with it separately.
 	 */
@@ -1378,6 +1389,16 @@ static int call_nt_transact_create(connection_struct *conn, char *inbuf, char *o
 		}
 	}
 
+#if 0
+	/* We need to support SeSecurityPrivilege for this. */
+	if ((access_mask & SEC_RIGHT_SYSTEM_SECURITY)) && 
+			!user_has_privileges(current_user.nt_user_token,
+				&se_security)) {
+		restore_case_semantics(conn, file_attributes);
+		return ERROR_NT(NT_STATUS_PRIVILEGE_NOT_HELD);
+	}
+#endif
+
 	if (ea_len) {
 		pdata = data + sd_len;
 
-- 
cgit