status = smbd_do_query_security_desc(conn,
talloc_tos(),
fsp,
- security_info_wanted,
+ security_info_wanted &
+ SMB_SUPPORTED_SECINFO_FLAGS,
max_data_count,
&marshalled_sd,
&sd_size);
return;
}
- status = set_sd_blob(fsp, (uint8 *)data, data_count, security_info_sent);
-
+ status = set_sd_blob(fsp, (uint8 *)data, data_count,
+ security_info_sent & SMB_SUPPORTED_SECINFO_FLAGS);
if (!NT_STATUS_IS_OK(status)) {
reply_nterror(req, status);
return;
num_profile_acls = 3;
}
+ /*
+ * TODO: is this logic with SECINFO_PROTECTED_DACL, correct?
+ * See bug #10773.
+ */
if ((security_info & SECINFO_DACL) && !(security_info & SECINFO_PROTECTED_DACL)) {
/*
state,
fsp,
/* Security info wanted. */
- in_additional_information,
+ in_additional_information &
+ SMB_SUPPORTED_SECINFO_FLAGS,
in_output_buffer_length,
&p_marshalled_sd,
&sd_size);
status = set_sd_blob(fsp,
in_input_buffer.data,
in_input_buffer.length,
- in_additional_information);
+ in_additional_information &
+ SMB_SUPPORTED_SECINFO_FLAGS);
if (!NT_STATUS_IS_OK(status)) {
tevent_req_nterror(req, status);
return tevent_req_post(req, ev);