Owner always has READ_CONTROL and WRITE_DAC access.

author Jeremy Allison <jra@samba.org>

Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)

committer Jeremy Allison <jra@samba.org>

Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)
author Jeremy Allison <jra@samba.org>
Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)
committer Jeremy Allison <jra@samba.org>
Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c

index cacdad16fd623b3c740bbbbde16f2a17e6e13136..9aa2be4d2ddc13ac140225793b535739acf1631e 100644 (file)
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -239,10 +239,12 @@ BOOL se_access_check(SEC_DESC *sd, struct current_user *user,
                 for (i = 0; i < token->num_sids; i++) {
                         if (sid_equal(&token->user_sids[i], sd->owner_sid)) {
                                 /*
-                                * The owner always has SEC_RIGHTS_WRITE_DAC.
+                                * The owner always has SEC_RIGHTS_WRITE_DAC & READ_CONTROL.
                                  */
                                 if (tmp_acc_desired & WRITE_DAC_ACCESS)
                                         tmp_acc_desired &= ~WRITE_DAC_ACCESS;
+                               if (tmp_acc_desired & READ_CONTROL_ACCESS)
+                                       tmp_acc_desired &= ~READ_CONTROL_ACCESS;
                         }
                 }
         }
author	Jeremy Allison <jra@samba.org>
	Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)
committer	Jeremy Allison <jra@samba.org>
	Tue, 12 Dec 2000 00:42:55 +0000 (00:42 +0000)