From 06e4f11acd3aedd6c8e4adf365932a01eca902b8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 4 Aug 2000 00:59:09 +0000 Subject: Fixed up the user/group contexts when using authenticated pipes. Added a become_root()/unbecome_root() (push/pop security context) around the initgroups() call to ensure it would succeed. Hmmm - I wonder if this call being done as non-root might explain any "group access" bugs we've had in the past.... Jeremy. (This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0) --- source3/include/proto.h | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/include') diff --git a/source3/include/proto.h b/source3/include/proto.h index e630d7019f..454c7f8c22 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3546,6 +3546,7 @@ void invalidate_vuid(uint16 vuid); char *validated_username(uint16 vuid); char *validated_domain(uint16 vuid); int initialize_groups(char *user, uid_t uid, gid_t gid); +NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups); uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, char *domain,BOOL guest); void add_session_user(char *user); @@ -3673,6 +3674,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int get_current_groups(int *p_ngroups, gid_t **p_groups); void delete_nt_token(NT_USER_TOKEN **pptoken); +NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken); BOOL push_sec_ctx(void); void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token); void set_root_sec_ctx(void); -- cgit