From 81b18464be170528d5e1549868bcbddbbcd60e1e Mon Sep 17 00:00:00 2001
From: Günther Deschner <gd@samba.org>
Date: Fri, 17 Apr 2009 23:18:24 +0200
Subject: s3-spoolss: remove some direct checks for 0 uid in
 AddForm,SetForm,DelForm.

Also add some become_root()/unbecome_root() pairs which were missing IMHO.

Guenther
---
 source3/rpc_server/srv_spoolss_nt.c | 17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

(limited to 'source3')

diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 251415adcb..155d651f3e 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -8296,7 +8296,7 @@ WERROR _spoolss_AddForm(pipes_struct *p,
 	/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
 	   and not a printer admin, then fail */
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8320,7 +8320,9 @@ WERROR _spoolss_AddForm(pipes_struct *p,
 		goto done;
 	}
 
+	become_root();
 	write_ntforms(&list, count);
+	unbecome_root();
 
 	/*
 	 * ChangeID must always be set if this is a printer
@@ -8353,6 +8355,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 	WERROR status = WERR_OK;
 	NT_PRINTER_INFO_LEVEL *printer = NULL;
 	SE_PRIV se_printop = SE_PRINT_OPERATOR;
+	bool ret = false;
 
 	DEBUG(5,("_spoolss_DeleteForm\n"));
 
@@ -8374,7 +8377,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 			goto done;
 	}
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8394,8 +8397,12 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 
 	count = get_ntforms(&list);
 
-	if ( !delete_a_form(&list, form_name, &count, &status ))
+	become_root();
+	ret = delete_a_form(&list, form_name, &count, &status);
+	unbecome_root();
+	if (ret == false) {
 		goto done;
+	}
 
 	/*
 	 * ChangeID must always be set if this is a printer
@@ -8453,7 +8460,7 @@ WERROR _spoolss_SetForm(pipes_struct *p,
 	/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
 	   and not a printer admin, then fail */
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8471,7 +8478,9 @@ WERROR _spoolss_SetForm(pipes_struct *p,
 
 	count = get_ntforms(&list);
 	update_a_form(&list, form, count);
+	become_root();
 	write_ntforms(&list, count);
+	unbecome_root();
 
 	/*
 	 * ChangeID must always be set if this is a printer
-- 
cgit