sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2024-12-25 23:21:54 +03:00
Code

Removed requirement that sid have an owner before being interpreted.

Browse Source 
Thanks to Elrond for pointing this out.
Jeremy.
(This used to be commit 1d9a5494f8)
This commit is contained in:
Jeremy Allison 2000-08-10 17:48:15 +00:00
parent 536a055a9a
commit 1e46bde597
1 changed files with 9 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
source3/lib/util_seaccess.c
View File

@ -229,30 +229,21 @@ BOOL se_access_check(SEC_DESC *sd, struct current_user *user,
return True;
}
/* We must know the owner sid */
if (sd->owner_sid == NULL) {
DEBUG(1, ("no owner for security descriptor\n"));
*acc_granted = 0;
*status = NT_STATUS_ACCESS_DENIED;
DEBUG(5, ("se_access_check: no owner sid, access denied\n"));
return False;
}
/* The user sid is the first in the token */
DEBUG(3, ("se_access_check: user sid is %s\n", sid_to_string(sid_str, &token->user_sids[0]) ));
/* Is the token the owner of the SID ? */
for (i = 0; i < token->num_sids; i++) {
if (sid_equal(&token->user_sids[i], sd->owner_sid)) {
/*
* The owner always has SEC_RIGHTS_WRITE_DAC.
*/
if (tmp_acc_desired & SEC_RIGHTS_WRITE_DAC)
tmp_acc_desired &= ~SEC_RIGHTS_WRITE_DAC;
if (sd->owner_sid) {
for (i = 0; i < token->num_sids; i++) {
if (sid_equal(&token->user_sids[i], sd->owner_sid)) {
/*
* The owner always has SEC_RIGHTS_WRITE_DAC.
*/
if (tmp_acc_desired & SEC_RIGHTS_WRITE_DAC)
tmp_acc_desired &= ~SEC_RIGHTS_WRITE_DAC;
}
}
}