From 4c386ce366cfa08e670f58e5560bf1253b8b6c29 Mon Sep 17 00:00:00 2001
From: Andrew Bartlett <abartlet@samba.org>
Date: Mon, 8 Sep 2008 11:09:02 +1000
Subject: Don't expose passwords, even to the administrator.

This ensures they don't leak over LDAP, but does not prevent access,
as ldbsearch locally still bypasses these controls.

Andrew Bartlett
(This used to be commit fa3f3bab33001770a9d7e33875bf212636f6c128)
---
 source4/dsdb/samdb/ldb_modules/kludge_acl.c | 15 ++++++++++++++-
 1 file changed, 14 insertions(+), 1 deletion(-)

(limited to 'source4/dsdb/samdb')

diff --git a/source4/dsdb/samdb/ldb_modules/kludge_acl.c b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
index 2c01594722..bc998a835a 100644
--- a/source4/dsdb/samdb/ldb_modules/kludge_acl.c
+++ b/source4/dsdb/samdb/ldb_modules/kludge_acl.c
@@ -238,7 +238,6 @@ static int kludge_acl_callback(struct ldb_context *ldb, void *context, struct ld
 	{
 		switch (ac->user_type) {
 		case SECURITY_SYSTEM:
-		case SECURITY_ADMINISTRATOR:
 			if (ac->allowedAttributesEffective) {
 				ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective");
 				if (ret != LDB_SUCCESS) {
@@ -252,6 +251,20 @@ static int kludge_acl_callback(struct ldb_context *ldb, void *context, struct ld
 				}
 			}
 			break;
+		case SECURITY_ADMINISTRATOR:
+			if (ac->allowedAttributesEffective) {
+				ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective");
+				if (ret != LDB_SUCCESS) {
+					return ret;
+				}
+			}
+			if (ac->allowedChildClassesEffective) {
+				ret = kludge_acl_childClasses(ldb, ares->message, "allowedChildClassesEffective");
+				if (ret != LDB_SUCCESS) {
+					return ret;
+				}
+			}
+			/* fall though */
 		default:
 			/* remove password attributes */
 			for (i = 0; data->password_attrs[i]; i++) {
-- 
cgit