*/
#include "includes.h"
+#include "../libcli/security/security.h"
#include "librpc/gen_ndr/ndr_epmapper.h"
#include "librpc/gen_ndr/srv_epmapper.h"
return total;
}
+static bool is_priviledged_pipe(struct auth_serversupplied_info *info) {
+ /* If the user is not root, or has the system token, fail */
+ if ((info->utok.uid != sec_initial_uid()) &&
+ !security_token_is_system(info->ptok)) {
+ return false;
+ }
+
+ return true;
+}
+
/*
* epm_Insert
*
NTSTATUS status;
uint32_t i;
+ /* If this is not a priviledged users, return */
+ if (!is_priviledged_pipe(p->server_info)) {
+ return EPMAPPER_STATUS_CANT_PERFORM_OP;
+ }
+
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return EPMAPPER_STATUS_NO_MEMORY;
DEBUG(3, ("_epm_Insert: Trying to add %u new entries.\n",
r->in.num_ents));
- /* TODO Check if we have a priviledged pipe/handle */
-
for (i = 0; i < r->in.num_ents; i++) {
struct dcerpc_binding *b = NULL;
struct dcesrv_endpoint *ep;
DEBUG(3, ("_epm_Delete: Trying to delete %u entries.\n",
r->in.num_ents));
+ /* If this is not a priviledged users, return */
+ if (!is_priviledged_pipe(p->server_info)) {
+ return EPMAPPER_STATUS_CANT_PERFORM_OP;
+ }
+
tmp_ctx = talloc_stackframe();
if (tmp_ctx == NULL) {
return EPMAPPER_STATUS_NO_MEMORY;
}
- /* TODO Check if we have a priviledged pipe/handle */
-
for (i = 0; i < r->in.num_ents; i++) {
struct dcerpc_binding *b = NULL;
struct dcesrv_endpoint *ep;