SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used anywhere....

Ensure the privilege rights are always specific rights, not generic.
By the time the privilege rights are examined, we've already mapped
from generic to specific in the access_mask.

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 5973fc52987c2836e247d07bd21cf0b8ee0ccd7b..33085c4e149a35bf580e33d9fef34ec78c0b60ca 100644 (file)
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -147,19 +147,18 @@ interface security
        const int SEC_RIGHTS_DIR_ALL      = SEC_RIGHTS_FILE_ALL;
 
        /* rights granted by some specific privileges */
-       const int SEC_RIGHTS_PRIV_BACKUP  = SEC_STD_READ_CONTROL | 
+       const int SEC_RIGHTS_PRIV_BACKUP  = SEC_STD_READ_CONTROL |
                                            SEC_FLAG_SYSTEM_SECURITY |
-                                           SEC_GENERIC_READ;
-       const int SEC_RIGHTS_DIR_PRIV_BACKUP  = SEC_RIGHTS_PRIV_BACKUP 
-                                             | SEC_DIR_TRAVERSE;
+                                           SEC_RIGHTS_FILE_READ |
+                                           SEC_DIR_TRAVERSE;
 
-       const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | 
+       const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC |
                                            SEC_STD_WRITE_OWNER |
                                            SEC_FLAG_SYSTEM_SECURITY |
-                                           SEC_STD_DELETE;
-       const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE | 
+                                           SEC_RIGHTS_FILE_WRITE |
                                            SEC_DIR_ADD_FILE |
-                                           SEC_DIR_ADD_SUBDIR;
+                                           SEC_DIR_ADD_SUBDIR |
+                                           SEC_STD_DELETE;
 
        /* combinations of standard masks. */
        const int STANDARD_RIGHTS_ALL_ACCESS            = SEC_STD_ALL; /* 0x001f0000 */