From b4d1e192cdcd42de504f5a6ef27f61f6c0e350f0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 8 Aug 2000 21:51:22 +0000 Subject: Added SID "Everyone" S-1-1-0 as always matching if present in an ACE. Jeremy. (This used to be commit b3a1038ac1bfb0c32e64f6cb26e5e46fbda794a2) --- source3/lib/util_seaccess.c | 21 +++++++++++++++++---- 1 file changed, 17 insertions(+), 4 deletions(-) (limited to 'source3/lib/util_seaccess.c') diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c index e9de51632d..351e93dc7a 100644 --- a/source3/lib/util_seaccess.c +++ b/source3/lib/util_seaccess.c @@ -26,11 +26,22 @@ extern int DEBUGLEVEL; +/* Everyone = S-1-1-0 */ + +static DOM_SID everyone_sid = { + 1, /* sid_rev_num */ + 1, /* num_auths */ + { 0, 0, 0, 0, 0, 1}, /* id_auth[6] */ + { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0} /* sub_auth[15] */ +}; + /* * Guest token used when there is no NT_USER_TOKEN available. */ -static DOM_SID builtin_guest = { +/* Guest = S-1-5-32-546 */ + +static DOM_SID guest_sid = { 1, /* sid_rev_num */ 2, /* num_auths */ { 0, 0, 0, 0, 0, 5}, /* id_auth[6] */ @@ -39,11 +50,12 @@ static DOM_SID builtin_guest = { static NT_USER_TOKEN guest_token = { 1, - &builtin_guest + &guest_sid }; /********************************************************************************** Check if this ACE has a SID in common with the token. + The SID "Everyone" always matches. **********************************************************************************/ static BOOL token_sid_in_ace( NT_USER_TOKEN *token, SEC_ACE *ace) @@ -51,9 +63,10 @@ static BOOL token_sid_in_ace( NT_USER_TOKEN *token, SEC_ACE *ace) size_t i; for (i = 0; i < token->num_sids; i++) { - if (sid_equal(&ace->sid, &token->user_sids[i])) { + if (sid_equal(&ace->sid, &everyone_sid)) + return True; + if (sid_equal(&ace->sid, &token->user_sids[i])) return True; - } } return False; -- cgit