From a8b95686a7bde3f96f141b6938e24e101567ef54 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 22 Oct 2010 10:31:06 -0700 Subject: [PATCH] Wrap security_token_has_privilege() with a check for lp_enable_privileges(). Needed to maintain compatibility with smb.conf manpage. Jeremy. Autobuild-User: Jeremy Allison Autobuild-Date: Fri Oct 22 18:15:48 UTC 2010 on sn-devel-104 --- source3/include/proto.h | 1 + source3/param/loadparm.c | 8 ++++++++ source3/printing/nt_printing.c | 2 +- source3/registry/reg_backend_smbconf.c | 2 +- source3/rpc_server/srv_samr_nt.c | 10 +++++----- source3/rpc_server/srv_spoolss_nt.c | 18 +++++++++--------- source3/rpc_server/srv_srvsvc_nt.c | 8 ++++---- source3/rpc_server/srv_winreg_nt.c | 6 +++--- source3/rpc_server/srv_wkssvc_nt.c | 4 ++-- source3/smbd/open.c | 4 ++-- source3/smbd/posix_acls.c | 4 ++-- 11 files changed, 38 insertions(+), 29 deletions(-) diff --git a/source3/include/proto.h b/source3/include/proto.h index 6ce27b8200c..304fdb48ae1 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3586,6 +3586,7 @@ char* lp_perfcount_module(void); void lp_set_passdb_backend(const char *backend); void widelinks_warning(int snum); char *lp_ncalrpc_dir(void); +bool s3_security_token_has_privilege(const struct security_token *token, enum sec_privilege privilege); /* The following definitions come from param/loadparm_server_role.c */ diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 8dadebfa891..b11effdf932 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -10132,3 +10132,11 @@ bool lp_readraw(void) } return _lp_readraw(); } + +bool s3_security_token_has_privilege(const struct security_token *token, enum sec_privilege privilege) +{ + if (!lp_enable_privileges()) { + return false; + } + return security_token_has_privilege(token, privilege); +} diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 84de565159b..026161b26b6 100644 
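Review bot: The new `s3_security_token_has_privilege()` in loadparm.c carries no comment stating its contract, namely that it answers false for every privilege whenever `lp_enable_privileges()` is off. I would add above the definition: `/* Privilege check that honours "enable privileges": always false when the option is off, otherwise defers to security_token_has_privilege(). */`. The unwrapped `security_token_has_privilege()` remains callable, so a later source3 call site could skip the option check unnoticed; the comment should say that source3 code is expected to call only the wrapper.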
--- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -2082,7 +2082,7 @@ bool print_access_check(const struct auth_serversupplied_info *server_info, /* Always allow root or SE_PRINT_OPERATROR to do anything */ if (server_info->utok.uid == sec_initial_uid() - || security_token_has_privilege(server_info->ptok, SEC_PRIV_PRINT_OPERATOR)) { + || s3_security_token_has_privilege(server_info->ptok, SEC_PRIV_PRINT_OPERATOR)) { return True; } diff --git a/source3/registry/reg_backend_smbconf.c b/source3/registry/reg_backend_smbconf.c index b96c73b47b9..f638223427f 100644 --- a/source3/registry/reg_backend_smbconf.c +++ b/source3/registry/reg_backend_smbconf.c @@ -60,7 +60,7 @@ static bool smbconf_reg_access_check(const char *keyname, uint32 requested, uint32 *granted, const struct security_token *token) { - if (!security_token_has_privilege(token, SEC_PRIV_DISK_OPERATOR)) { + if (!s3_security_token_has_privilege(token, SEC_PRIV_DISK_OPERATOR)) { return False; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index a04584e7c15..c2bf13e901c 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -200,8 +200,8 @@ NTSTATUS access_check_object( struct security_descriptor *psd, struct security_t by privileges (mostly having to do with creating/modifying/deleting users and groups) */ - if ((needed_priv_1 != SEC_PRIV_INVALID && security_token_has_privilege(token, needed_priv_1)) || - (needed_priv_2 != SEC_PRIV_INVALID && security_token_has_privilege(token, needed_priv_2))) { + if ((needed_priv_1 != SEC_PRIV_INVALID && s3_security_token_has_privilege(token, needed_priv_1)) || + (needed_priv_2 != SEC_PRIV_INVALID && s3_security_token_has_privilege(token, needed_priv_2))) { saved_mask = (des_access & rights_mask); des_access &= ~saved_mask; 
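Review bot: In `smbconf_reg_access_check()` the wrapped call is the first statement of the function and has no alternative such as the `sec_initial_uid()` test that `print_access_check()` in nt_printing.c pairs it with. With `enable privileges` turned off this check therefore returns False for every token, whoever the caller is. If that is the intended result, record it at the check with something like `/* Denied for all callers when "enable privileges" is off; no root fallback here. */`. How the callers treat a False return is outside the hunk.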
@@ -572,7 +572,7 @@ NTSTATUS _samr_OpenDomain(struct pipes_struct *p, * Users with SeAddUser get the ability to manipulate groups * and aliases. */ - if (security_token_has_privilege(p->server_info->ptok, SEC_PRIV_ADD_USERS)) { + if (s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_ADD_USERS)) { extra_access |= (SAMR_DOMAIN_ACCESS_CREATE_GROUP | SAMR_DOMAIN_ACCESS_ENUM_ACCOUNTS | SAMR_DOMAIN_ACCESS_OPEN_ACCOUNT | @@ -3845,13 +3845,13 @@ NTSTATUS _samr_CreateUser2(struct pipes_struct *p, can_add_account = true; } else if (acb_info & ACB_WSTRUST) { needed_priv = SEC_PRIV_MACHINE_ACCOUNT; - can_add_account = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_MACHINE_ACCOUNT); + can_add_account = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_MACHINE_ACCOUNT); } else if (acb_info & ACB_NORMAL && (account[strlen(account)-1] != '$')) { /* usrmgr.exe (and net rpc trustdom grant) creates a normal user account for domain trusts and changes the ACB flags later */ needed_priv = SEC_PRIV_ADD_USERS; - can_add_account = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_ADD_USERS); + can_add_account = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_ADD_USERS); } else if (lp_enable_privileges()) { /* implicit assumption of a BDC or domain trust account here * (we already check the flags earlier) */ diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c index 62725ee95a7..a409a758550 100644 --- a/source3/rpc_server/srv_spoolss_nt.c +++ b/source3/rpc_server/srv_spoolss_nt.c @@ -379,7 +379,7 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token, return WERR_NOMEM; } if ( token ) - is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); + is_print_op = s3_security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); 
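Review bot: The `ACB_NORMAL` branch in `_samr_CreateUser2()` evaluates `account[strlen(account)-1]`, which reads one byte before the buffer when `account` is an empty string; no length check is visible in the hunk, and whether one exists earlier in the function is outside it. Rejecting the empty name ahead of the if/else chain, e.g. `if (account[0] == '\0') { return NT_STATUS_INVALID_PARAMETER; }`, would make the branch safe on its own. Separately, the first two branches now get the `lp_enable_privileges()` test through the wrapper while the last `else if (lp_enable_privileges())` still spells it out; a one-line comment there would stop the asymmetry being read as an oversight.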
@@ -1790,7 +1790,7 @@ WERROR _spoolss_OpenPrinterEx(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -2033,7 +2033,7 @@ WERROR _spoolss_DeletePrinterDriver(struct pipes_struct *p, and not a printer admin, then fail */ if ( (p->server_info->utok.uid != sec_initial_uid()) - && !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) + && !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -2138,7 +2138,7 @@ WERROR _spoolss_DeletePrinterDriverEx(struct pipes_struct *p, and not a printer admin, then fail */ if ( (p->server_info->utok.uid != sec_initial_uid()) - && !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) + && !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list( uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, @@ -6023,7 +6023,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const } if ( token ) - is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); + is_print_op = s3_security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); @@ -6080,7 +6080,7 @@ static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token, } if ( token ) - is_print_op = security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); + is_print_op = s3_security_token_has_privilege(token, SEC_PRIV_PRINT_OPERATOR); DEBUG(10,("Running [%s]\n", command)); 
@@ -8406,7 +8406,7 @@ WERROR _spoolss_AddForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, @@ -8474,7 +8474,7 @@ WERROR _spoolss_DeleteForm(struct pipes_struct *p, } if ((p->server_info->utok.uid != sec_initial_uid()) && - !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, @@ -8538,7 +8538,7 @@ WERROR _spoolss_SetForm(struct pipes_struct *p, and not a printer admin, then fail */ if ((p->server_info->utok.uid != sec_initial_uid()) && - !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && + !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_PRINT_OPERATOR) && !token_contains_name_in_list(uidtoname(p->server_info->utok.uid), p->server_info->info3->base.domain.string, NULL, diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c index f59b972861b..fe557e9ed8e 100644 --- a/source3/rpc_server/srv_srvsvc_nt.c +++ b/source3/rpc_server/srv_srvsvc_nt.c @@ -1572,7 +1572,7 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p, if (lp_print_ok(snum)) return WERR_ACCESS_DENIED; - is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); + is_disk_op = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); /* fail out now if you are not root and not a disk op */ 
@@ -1774,7 +1774,7 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p, *r->out.parm_error = 0; } - is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); + is_disk_op = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) return WERR_ACCESS_DENIED; @@ -1967,7 +1967,7 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p, if (lp_print_ok(snum)) return WERR_ACCESS_DENIED; - is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); + is_disk_op = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op ) return WERR_ACCESS_DENIED; @@ -2519,7 +2519,7 @@ WERROR _srvsvc_NetFileClose(struct pipes_struct *p, DEBUG(5,("_srvsvc_NetFileClose: %d\n", __LINE__)); - is_disk_op = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); + is_disk_op = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_DISK_OPERATOR); if (p->server_info->utok.uid != sec_initial_uid() && !is_disk_op) { return WERR_ACCESS_DENIED; diff --git a/source3/rpc_server/srv_winreg_nt.c b/source3/rpc_server/srv_winreg_nt.c index 298f33ab705..44cdfcbb37f 100644 --- a/source3/rpc_server/srv_winreg_nt.c +++ b/source3/rpc_server/srv_winreg_nt.c @@ -577,7 +577,7 @@ WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p, return WERR_NOMEM; } - can_shutdown = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); + can_shutdown = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); /* IF someone has privs, run the shutdown script as root. OTHERWISE run it as not root Take the error return from the script and provide it as the Windows return code. */ 
@@ -614,7 +614,7 @@ WERROR _winreg_AbortSystemShutdown(struct pipes_struct *p, if (!*abort_shutdown_script) return WERR_ACCESS_DENIED; - can_shutdown = security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); + can_shutdown = s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_REMOTE_SHUTDOWN); /********** BEGIN SeRemoteShutdownPrivilege BLOCK **********/ @@ -704,7 +704,7 @@ WERROR _winreg_RestoreKey(struct pipes_struct *p, /* user must posses SeRestorePrivilege for this this proceed */ - if ( !security_token_has_privilege(p->server_info->ptok, SEC_PRIV_RESTORE)) { + if ( !s3_security_token_has_privilege(p->server_info->ptok, SEC_PRIV_RESTORE)) { return WERR_ACCESS_DENIED; } diff --git a/source3/rpc_server/srv_wkssvc_nt.c b/source3/rpc_server/srv_wkssvc_nt.c index 000b605913d..aa30d14face 100644 --- a/source3/rpc_server/srv_wkssvc_nt.c +++ b/source3/rpc_server/srv_wkssvc_nt.c @@ -823,7 +823,7 @@ WERROR _wkssvc_NetrJoinDomain2(struct pipes_struct *p, return WERR_INVALID_PARAM; } - if (!security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && + if (!s3_security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) && !nt_token_check_sid(&global_sid_Builtin_Administrators, token)) { DEBUG(5,("_wkssvc_NetrJoinDomain2: account doesn't have " @@ -894,7 +894,7 @@ WERROR _wkssvc_NetrUnjoinDomain2(struct pipes_struct *p, return WERR_INVALID_PARAM; } - if (!security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && + if (!s3_security_token_has_privilege(token, SEC_PRIV_MACHINE_ACCOUNT) && !nt_token_check_domain_rid(token, DOMAIN_RID_ADMINS) && !nt_token_check_sid(&global_sid_Builtin_Administrators, token)) { DEBUG(5,("_wkssvc_NetrUnjoinDomain2: account doesn't have " diff --git a/source3/smbd/open.c b/source3/smbd/open.c index f5de607713c..b19aad9d5ea 100644 --- a/source3/smbd/open.c +++ b/source3/smbd/open.c 
@@ -2507,7 +2507,7 @@ static NTSTATUS open_directory(connection_struct *conn, } if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) & - !security_token_has_privilege(get_current_nttok(conn), + !s3_security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_SECURITY)) { DEBUG(10, ("open_directory: open on %s " "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n", @@ -3031,7 +3031,7 @@ static NTSTATUS create_file_unixpath(connection_struct *conn, } if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) && - !security_token_has_privilege(get_current_nttok(conn), + !s3_security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_SECURITY)) { DEBUG(10, ("create_file_unixpath: open on %s " "failed - SEC_FLAG_SYSTEM_SECURITY denied.\n", diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c index 54fa5bfdfcc..4633b480a3c 100644 --- a/source3/smbd/posix_acls.c +++ b/source3/smbd/posix_acls.c @@ -3556,8 +3556,8 @@ int try_chown(connection_struct *conn, struct smb_filename *smb_fname, /* Case (2) / (3) */ if (lp_enable_privileges()) { - bool has_take_ownership_priv = security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_TAKE_OWNERSHIP); - bool has_restore_priv = security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_RESTORE); + bool has_take_ownership_priv = s3_security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_TAKE_OWNERSHIP); + bool has_restore_priv = s3_security_token_has_privilege(get_current_nttok(conn), SEC_PRIV_RESTORE); /* Case (2) */ if ( ( has_take_ownership_priv && ( uid == get_current_uid(conn) ) ) ||
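Review bot: The `SEC_FLAG_SYSTEM_SECURITY` test in `open_directory()` joins its two halves with a bitwise `&`, so the masked flag is ANDed with the 0/1 result of `!s3_security_token_has_privilege(...)`. Unless that flag occupies bit 0, the condition is always false and the denial branch is never taken. The matching test in `create_file_unixpath()` in the next hunk uses `&&`, and this line should read the same: `if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&`. As written, a directory open that requests system-security access is not refused for a token lacking `SEC_PRIV_SECURITY`, and switching to the wrapper does not change that. The function body starts and ends outside the hunk.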
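Review bot: In `try_chown()` both wrapped calls sit inside `if (lp_enable_privileges())`, so the option is now tested three times on this path and the outer guard no longer affects the result of either lookup. If the guard stays, a comment such as `/* wrapper re-checks lp_enable_privileges(); the outer test only skips the token lookups */` would explain why. Whether it can be dropped depends on the rest of the block, which continues outside the hunk. The two calls also fetch `get_current_nttok(conn)` separately; a single local for the token would make it obvious that both checks use the same token.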