From 553818add80818909268557665e2760a16f2d8a0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 2 Feb 2009 17:10:27 -0800 Subject: Fix bug #6082 - smbd_gpfs_getacl failed: Windows client canĀ“t rename or delete file This fixes the generic rename/delete problem for 3.3.0 and above. Fixed slightly differently to discussions, user viewable modified ACLs are not a good idea :-). Jeremy. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- source3/lib/util_seaccess.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) (limited to 'source3/lib/util_seaccess.c') diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index fdc10f20ab..0da7442d19 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -149,7 +149,9 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, } /* - the main entry point for access checking. + The main entry point for access checking. If returning ACCESS_DENIED + this function returns the denied bits in the uint32_t pointed + to by the access_granted pointer. */ NTSTATUS se_access_check(const struct security_descriptor *sd, const NT_USER_TOKEN *token, @@ -238,6 +240,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd, done: if (bits_remaining != 0) { + *access_granted = bits_remaining; return NT_STATUS_ACCESS_DENIED; } -- cgit