1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-11 05:18:09 +03:00

Only ask for specific permissions required when setting an ACL.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Fri Feb  3 03:07:33 CET 2012 on sn-devel-104
This commit is contained in:
Jeremy Allison 2012-02-02 16:28:39 -08:00
parent 9fec2c0ea9
commit 571ee0b1ff

View File

@ -868,12 +868,21 @@ static bool set_secdesc(struct cli_state *cli, const char *filename,
uint16_t fnum = (uint16_t)-1;
bool result=true;
NTSTATUS status;
uint32_t desired_access = 0;
/* The desired access below is the only one I could find that works
with NT4, W2KP and Samba */
/* Make the desired_access more specific. */
if (sd->dacl) {
desired_access |= WRITE_DAC_ACCESS;
}
if (sd->sacl) {
desired_access |= SEC_FLAG_SYSTEM_SECURITY;
}
if (sd->owner_sid || sd->group_sid) {
desired_access |= WRITE_OWNER_ACCESS;
}
status = cli_ntcreate(cli, filename, 0,
WRITE_DAC_ACCESS|WRITE_OWNER_ACCESS,
desired_access,
0, FILE_SHARE_READ|FILE_SHARE_WRITE,
FILE_OPEN, 0x0, 0x0, &fnum);
if (!NT_STATUS_IS_OK(status)) {