git.samba.org
/
ira
/
wip.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
53dec86
)
s4-acl: SEC_FLAG_MAXIMUM_ALLOWED doesn't auto-apply privilege access masks
author
Andrew Tridgell
<tridge@samba.org>
Fri, 16 Oct 2009 22:09:19 +0000
(09:09 +1100)
committer
Andrew Tridgell
<tridge@samba.org>
Sat, 17 Oct 2009 02:01:03 +0000
(13:01 +1100)
source4/libcli/security/access_check.c
patch
|
blob
|
history
diff --git
a/source4/libcli/security/access_check.c
b/source4/libcli/security/access_check.c
index 4bede15def5302f3908b6b8ff3c81cbc06eaa2a8..954c54c38b86a4860f123cf50a5e0f06080e7155 100644
(file)
--- a/
source4/libcli/security/access_check.c
+++ b/
source4/libcli/security/access_check.c
@@
-34,12
+34,8
@@
static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
if (security_token_has_sid(token, sd->owner_sid)) {
granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
- }
- if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
- granted |= SEC_RIGHTS_PRIV_RESTORE;
- }
- if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) {
- granted |= SEC_RIGHTS_PRIV_BACKUP;
+ } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
+ granted |= SEC_STD_DELETE;
}
if (sd->dacl == NULL) {