We only allow SetUserInformation(level=18) via NCALRPC.
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Thu May 12 14:02:27 CEST 2016 on sn-devel-144
ZERO_STRUCTP(r);
- if (security_token_is_system(p->session_info->security_token)) {
- goto query;
- }
-
- if ((p->auth.auth_type != DCERPC_AUTH_TYPE_NTLMSSP) ||
- (p->auth.auth_type != DCERPC_AUTH_TYPE_KRB5) ||
- (p->auth.auth_type != DCERPC_AUTH_TYPE_SPNEGO)) {
- return NT_STATUS_ACCESS_DENIED;
+ if (p->transport != NCALRPC) {
+ return NT_STATUS_INVALID_INFO_CLASS;
}
- if (p->auth.auth_level != DCERPC_AUTH_LEVEL_PRIVACY) {
+ if (!security_token_is_system(p->session_info->security_token)) {
return NT_STATUS_ACCESS_DENIED;
}
- query:
/*
* Do *NOT* do become_root()/unbecome_root() here ! JRA.
*/