mirror of
https://github.com/samba-team/samba.git
synced 2025-12-17 04:23:50 +03:00
python/ntacls.py: Fix ACE type comparison
SEC_ACE_TYPE_ values are not flags, so this comparison does not behave as intended. Modify the check to more closely match the one in gp_create_gpt_security_descriptor(). Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
This commit is contained in:
Joseph Sutton
committed by
Andrew Bartlett
Andrew Bartlett
parent
52afaa0ceb
commit
27dd0afb62
@@ -301,7 +301,8 @@ def dsacl2fsacl(dssddl, sid, as_sddl=True):
|
||||
aces = ref.dacl.aces
|
||||
for i in range(0, len(aces)):
|
||||
ace = aces[i]
|
||||
if not ace.type & security.SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT and str(ace.trustee) != security.SID_BUILTIN_PREW2K:
|
||||
if ace.type in (security.SEC_ACE_TYPE_ACCESS_ALLOWED_OBJECT,
|
||||
security.SEC_ACE_TYPE_ACCESS_ALLOWED) and str(ace.trustee) != security.SID_BUILTIN_PREW2K:
|
||||
# if fdescr.type & security.SEC_DESC_DACL_AUTO_INHERITED:
|
||||
ace.flags = ace.flags | security.SEC_ACE_FLAG_OBJECT_INHERIT | security.SEC_ACE_FLAG_CONTAINER_INHERIT
|
||||
if str(ace.trustee) == security.SID_CREATOR_OWNER:
|
||||
|
||||
Reference in New Issue
Block a user