mirror of
https://github.com/samba-team/samba.git
synced 2025-01-11 05:18:09 +03:00
117d4c5500
To help clarify the logic, we make new functions that separate the deny and allow cases, which helps keep track of what 'yes' and 'no' mean and which incorporate the logic of token->evaluate_claims handling, which determines when we want to run a conditional ACE, when we want to ignore it, and when we want to take offence. In the case when we decide to run it, we then need to decide whether to apply it or ignore it based on the result. This last bit differs between allow and deny aces, hence the two functions. These functions will replace check_callback_ace_access() over the next few commits. In the case where token->evaluate_claims is CLAIMS_EVALUATION_INVALID_STATE and the DACL contains a conditional ACE, the maximum allowed is 0, as if it was a "deny everything" ACE. This is an unexpected case. Most likely the evaluate_claims state will be NEVER or ALWAYS. In the NEVER case the conditional ACE is skipped, as would have happened in all cases before 4.20, while in the ALWAYS case the conditional ACE is run and applied if successful. Signed-off-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> |
||
|---|---|---|
| .. | ||
| tests | ||
| access_check.c | ||
| access_check.h | ||
| claims-conversions.c | ||
| claims-conversions.h | ||
| conditional_ace.c | ||
| conditional_ace.h | ||
| create_descriptor.c | ||
| display_sec.c | ||
| display_sec.h | ||
| dom_sid.c | ||
| dom_sid.h | ||
| object_tree.c | ||
| privileges_private.h | ||
| privileges.c | ||
| privileges.h | ||
| pysecurity.c | ||
| sddl_conditional_ace.c | ||
| sddl.c | ||
| sddl.h | ||
| secace.c | ||
| secace.h | ||
| secacl.c | ||
| secacl.h | ||
| secdesc.c | ||
| secdesc.h | ||
| security_descriptor.c | ||
| security_descriptor.h | ||
| security_token.c | ||
| security_token.h | ||
| security.h | ||
| session.c | ||
| session.h | ||
| util_sid.c | ||
| wscript_build | ||