From 2102f6bff9641eeec3b593529be7bf8d9ec784d4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 17 Jun 2005 01:57:18 +0000 Subject: r7664: add access check hooks to _reg_open_entry which are passed off to the reg_XXX backend. If the backend does not define a regkey_access_check() function, we default to using the standard registry_access_check() (This used to be commit 2f08a904eee772e7d99ae6e3e4c922f74732284f) --- source3/registry/reg_frontend.c | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) (limited to 'source3/registry/reg_frontend.c') diff --git a/source3/registry/reg_frontend.c b/source3/registry/reg_frontend.c index 196007d3cb..ab8a02812f 100644 --- a/source3/registry/reg_frontend.c +++ b/source3/registry/reg_frontend.c @@ -234,4 +234,28 @@ BOOL fetch_reg_values_specific( REGISTRY_KEY *key, REGISTRY_VALUE **val, uint32 return True; } +/*********************************************************************** + High level access check for passing the required access mask to the + underlying registry backend + ***********************************************************************/ + +BOOL regkey_access_check( REGISTRY_KEY *key, uint32 requested, uint32 *granted, NT_USER_TOKEN *token ) +{ + /* use the default security check if the backend has not defined its own */ + + if ( !(key->hook && key->hook->ops && key->hook->ops->reg_access_check) ) { + SEC_DESC *sec_desc; + NTSTATUS status; + + if ( !(sec_desc = construct_registry_sd( get_talloc_ctx() )) ) + return False; + + status = registry_access_check( sec_desc, token, requested, granted ); + + return NT_STATUS_IS_OK(status); + } + + return key->hook->ops->reg_access_check( key->name, requested, granted, token ); +} + -- cgit