git.samba.org
/
amitay
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
ee2e3d5
)
Honor SeTakeOwnershiPrivilege when client asks for SEC_STD_WRITE_OWNER but has no...
author
Richard Sharpe
<realrichardsharpe@gmail.com>
Wed, 22 Feb 2012 14:25:54 +0000
(06:25 -0800)
committer
Richard Sharpe
<sharpe@samba.org>
Wed, 22 Feb 2012 18:19:32 +0000
(19:19 +0100)
Autobuild-User: Richard Sharpe <sharpe@samba.org>
Autobuild-Date: Wed Feb 22 19:19:32 CET 2012 on sn-devel-104
libcli/security/access_check.c
patch
|
blob
|
history
diff --git
a/libcli/security/access_check.c
b/libcli/security/access_check.c
index 1b02a866b1df5fab5e208294bcebf3ab71f4fc09..a9b618f577b2a1ab1cd1f6a8a93cfde78f2ecdf1 100644
(file)
--- a/
libcli/security/access_check.c
+++ b/
libcli/security/access_check.c
@@
-205,6
+205,11
@@
NTSTATUS se_access_check(const struct security_descriptor *sd,
bits_remaining &= ~(SEC_RIGHTS_PRIV_BACKUP);
}
+ if ((bits_remaining & SEC_STD_WRITE_OWNER) &&
+ security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
+ bits_remaining &= ~(SEC_STD_WRITE_OWNER);
+ }
+
/* a NULL dacl allows access */
if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
*access_granted = access_desired;