From bb59be3e0d2687fd2a59e831f7efdb34e5ee5d3d Mon Sep 17 00:00:00 2001
From: Gerald Carter <jerry@samba.org>
Date: Fri, 13 Jan 2006 20:26:59 +0000
Subject: r12915: protect against changing the SCM security descriptor (This
 used to be commit 5842da99681c15437c11e9925dec24c8c0e3708a)

---
 source3/rpc_server/srv_svcctl_nt.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/source3/rpc_server/srv_svcctl_nt.c b/source3/rpc_server/srv_svcctl_nt.c
index 4db8f7ed3f..049bdf6075 100644
--- a/source3/rpc_server/srv_svcctl_nt.c
+++ b/source3/rpc_server/srv_svcctl_nt.c
@@ -828,6 +828,11 @@ WERROR _svcctl_set_service_sec( pipes_struct *p, SVCCTL_Q_SET_SERVICE_SEC *q_u,
 	if ( !info || !(info->type & (SVC_HANDLE_IS_SERVICE|SVC_HANDLE_IS_SCM))  )
 		return WERR_BADFID;
 
+	/* can't set the security de4scriptor on the ServiceControlManager */
+
+	if ( info->type == SVC_HANDLE_IS_SCM )
+		return WERR_ACCESS_DENIED;	
+
 	/* check the access on the open handle */
 	
 	switch ( q_u->security_flags ) {
-- 
cgit