1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-12 09:18:10 +03:00

s3:rpc_server/srvsvc check access before doing work

Before doing the (potentially) costly enumerations,
check if the user has necessary privileges first

Signed-off-by: Shekhar Amlekar <samlekar@in.ibm.com>
Reviewed-by: Christian Ambach <ambi@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Christian Ambach <ambi@samba.org>
Autobuild-Date(master): Tue May 14 16:22:24 CEST 2013 on sn-devel-104
This commit is contained in:
Shekhar Amlekar 2013-05-07 17:58:16 +05:30 committed by Christian Ambach
parent 1cd20441a7
commit 6c5158e3de

View File

@ -1226,16 +1226,6 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
bool not_root = False;
WERROR werr;
username = r->in.user;
machine = r->in.client;
/* strip leading backslashes if any */
if (machine && machine[0] == '\\' && machine[1] == '\\') {
machine += 2;
}
num_sessions = list_sessions(p->mem_ctx, &session_list);
DEBUG(5,("_srvsvc_NetSessDel: %d\n", __LINE__));
werr = WERR_ACCESS_DENIED;
@ -1249,6 +1239,16 @@ WERROR _srvsvc_NetSessDel(struct pipes_struct *p,
goto done;
}
username = r->in.user;
machine = r->in.client;
/* strip leading backslashes if any */
if (machine && machine[0] == '\\' && machine[1] == '\\') {
machine += 2;
}
num_sessions = list_sessions(p->mem_ctx, &session_list);
for (snum = 0; snum < num_sessions; snum++) {
if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&