From 9e73a361936fc0b7c2498a3cf2729829c621d1ca Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Wed, 11 Apr 2001 00:05:23 +0000 Subject: Restrict dfs add and dfs remote to root at Shirish's advice. Jeremy. (This used to be commit 9dd77c4fb1282d23cfbfd9d0ed790be62534e201) --- source3/rpc_server/srv_dfs_nt.c | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) (limited to 'source3') diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c index 22e7a24f58..c01ab8f2d9 100644 --- a/source3/rpc_server/srv_dfs_nt.c +++ b/source3/rpc_server/srv_dfs_nt.c @@ -44,6 +44,7 @@ uint32 _dfs_exist(pipes_struct *p, DFS_Q_DFS_EXIST *q_u, DFS_R_DFS_EXIST *r_u) uint32 _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u) { + struct current_user user; struct junction_map jn; struct referral* old_referral_list = NULL; BOOL exists = False; @@ -51,6 +52,13 @@ uint32 _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u) pstring dfspath, servername, sharename; pstring altpath; + get_current_user(&user,p); + + if (user.uid != 0) { + DEBUG(10,("_dfs_add: uid != 0. Access denied.\n")); + return ERROR_ACCESS_DENIED; + } + unistr2_to_ascii(dfspath, &q_u->DfsEntryPath, sizeof(dfspath)-1); unistr2_to_ascii(servername, &q_u->ServerName, sizeof(servername)-1); unistr2_to_ascii(sharename, &q_u->ShareName, sizeof(sharename)-1); @@ -103,12 +111,20 @@ uint32 _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u) uint32 _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u, DFS_R_DFS_REMOVE *r_u) { + struct current_user user; struct junction_map jn; BOOL found = False; pstring dfspath, servername, sharename; pstring altpath; + get_current_user(&user,p); + + if (user.uid != 0) { + DEBUG(10,("_dfs_add: uid != 0. Access denied.\n")); + return ERROR_ACCESS_DENIED; + } + unistr2_to_ascii(dfspath, &q_u->DfsEntryPath, sizeof(dfspath)-1); if(q_u->ptr_ServerName) unistr2_to_ascii(servername, &q_u->ServerName, sizeof(servername)-1); -- cgit