From 2387e3bcfeb4c2e54342a8fff4b157e9ba68024b Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 30 Aug 2010 12:47:29 +1000
Subject: s3-privs Call security_token_set_privilege() rather than manual
 assignment

This avoids as much direct modifiction of the bitmask as possible.

Andrew Bartlett

Signed-off-by: Andrew Tridgell <tridge@samba.org>
---
 source3/auth/token_util.c         | 2 +-
 source3/registry/reg_util_token.c | 3 ++-
 2 files changed, 3 insertions(+), 2 deletions(-)

(limited to 'source3')

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index e8334c6306..bc7d998341 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -112,7 +112,7 @@ struct security_token *get_root_nt_token( void )
 	token = create_local_nt_token(talloc_autofree_context(), &u_sid, False,
 				      1, &global_sid_Builtin_Administrators);
 
-	token->privilege_mask = se_disk_operators;
+	security_token_set_privilege(token, SEC_PRIV_DISK_OPERATOR);
 
 	for_cache = token;
 
diff --git a/source3/registry/reg_util_token.c b/source3/registry/reg_util_token.c
index 898b64b2a7..6373d48305 100644
--- a/source3/registry/reg_util_token.c
+++ b/source3/registry/reg_util_token.c
@@ -43,7 +43,8 @@ NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx,
 		status = NT_STATUS_NO_MEMORY;
 		goto done;
 	}
-	token->privilege_mask = se_disk_operators;
+	security_token_set_privilege(token, SEC_PRIV_DISK_OPERATOR);
+
 	status = add_sid_to_array(token, &global_sid_Builtin_Administrators,
 				  &token->sids, &token->num_sids);
 	if (!NT_STATUS_IS_OK(status)) {
-- 
cgit