git.samba.org / abartlet / samba.git / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: cdbbc81)
s3-spoolss: remove some direct checks for 0 uid in AddForm,SetForm,DelForm.
authorGünther Deschner <gd@samba.org>
Fri, 17 Apr 2009 21:18:24 +0000 (23:18 +0200)
committerGünther Deschner <gd@samba.org>
Fri, 17 Apr 2009 21:20:22 +0000 (23:20 +0200)
Also add some become_root()/unbecome_root() pairs which were missing IMHO.

Guenther

source3/rpc_server/srv_spoolss_nt.c patch | blob | history

diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 251415adcb4731a6b3783666484499f73e4008f3..155d651f3e2a75f1f95bc2ed55464403cbcfc879 100644 (file)
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -8296,7 +8296,7 @@ WERROR _spoolss_AddForm(pipes_struct *p,
        /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
           and not a printer admin, then fail */
 
-       if ((p->server_info->utok.uid != 0) &&
+       if ((p->server_info->utok.uid != sec_initial_uid()) &&
             !user_has_privileges(p->server_info->ptok, &se_printop) &&
             !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
                                          NULL, NULL,
@@ -8320,7 +8320,9 @@ WERROR _spoolss_AddForm(pipes_struct *p,
                goto done;
        }
 
+       become_root();
        write_ntforms(&list, count);
+       unbecome_root();
 
        /*
         * ChangeID must always be set if this is a printer
@@ -8353,6 +8355,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
        WERROR status = WERR_OK;
        NT_PRINTER_INFO_LEVEL *printer = NULL;
        SE_PRIV se_printop = SE_PRINT_OPERATOR;
+       bool ret = false;
 
        DEBUG(5,("_spoolss_DeleteForm\n"));
 
@@ -8374,7 +8377,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
                        goto done;
        }
 
-       if ((p->server_info->utok.uid != 0) &&
+       if ((p->server_info->utok.uid != sec_initial_uid()) &&
             !user_has_privileges(p->server_info->ptok, &se_printop) &&
             !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
                                          NULL, NULL,
@@ -8394,8 +8397,12 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 
        count = get_ntforms(&list);
 
-       if ( !delete_a_form(&list, form_name, &count, &status ))
+       become_root();
+       ret = delete_a_form(&list, form_name, &count, &status);
+       unbecome_root();
+       if (ret == false) {
                goto done;
+       }
 
        /*
         * ChangeID must always be set if this is a printer
@@ -8453,7 +8460,7 @@ WERROR _spoolss_SetForm(pipes_struct *p,
        /* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
           and not a printer admin, then fail */
 
-       if ((p->server_info->utok.uid != 0) &&
+       if ((p->server_info->utok.uid != sec_initial_uid()) &&
             !user_has_privileges(p->server_info->ptok, &se_printop) &&
             !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
                                          NULL, NULL,
@@ -8471,7 +8478,9 @@ WERROR _spoolss_SetForm(pipes_struct *p,
 
        count = get_ntforms(&list);
        update_a_form(&list, form, count);
+       become_root();
        write_ntforms(&list, count);
+       unbecome_root();
 
        /*
         * ChangeID must always be set if this is a printer
Unnamed repository; edit this file to name it for gitweb.