sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-29 21:47:30 +03:00
Code

It turns out that Windows allows delete printer on a handle

Browse Source 
opened by an admin user, then used on a pipe handle created
by an anonymous user..... but they're working on security.... riiight !
Jeremy.
(This used to be commit 322d8b4c83439261cfd2ff79b557bddb1e784660)
This commit is contained in:
Jeremy Allison 2002-09-27 22:51:59 +00:00
parent 3c7334c1b5
commit 543edfbeab
1 changed files with 14 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
source3/rpc_server/srv_spoolss_nt.c
View File

@ -313,6 +313,19 @@ static WERROR delete_printer_handle(pipes_struct *p, POLICY_HND *hnd)
return WERR_BADFID;
}
/*
* It turns out that Windows allows delete printer on a handle
* opened by an admin user, then used on a pipe handle created
* by an anonymous user..... but they're working on security.... riiight !
* JRA.
*/
if (Printer->access_granted != PRINTER_ACCESS_ADMINISTER) {
DEBUG(3, ("delete_printer_handle: denied by handle\n"));
return WERR_ACCESS_DENIED;
}
#if 0
/* Check calling user has permission to delete printer. Note that
since we set the snum parameter to -1 only administrators can
delete the printer. This stops people with the Full Control
@ -322,6 +335,7 @@ static WERROR delete_printer_handle(pipes_struct *p, POLICY_HND *hnd)
DEBUG(3, ("printer delete denied by security descriptor\n"));
return WERR_ACCESS_DENIED;
}
#endif
if (del_a_printer(Printer->dev.handlename) != 0) {
DEBUG(3,("Error deleting printer %s\n", Printer->dev.handlename));