return NT_STATUS_OK;
}
+/****************************************************************************
+ Setup the share access mask for a connection.
+****************************************************************************/
+
+static void create_share_access_mask(connection_struct *conn, int snum)
+{
+ const struct security_token *token = conn->session_info->security_token;
+
+ share_access_check(token,
+ lp_servicename(snum),
+ MAXIMUM_ALLOWED_ACCESS,
+ &conn->share_access);
+
+ if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) {
+ conn->share_access |= SEC_FLAG_SYSTEM_SECURITY;
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
+ conn->share_access |= (SEC_RIGHTS_PRIV_RESTORE);
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) {
+ conn->share_access |= (SEC_RIGHTS_PRIV_BACKUP);
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
+ conn->share_access |= (SEC_STD_WRITE_OWNER);
+ }
+}
+
/****************************************************************************
Make a connection, given the snum to connect to, and the vuser of the
connecting user if appropriate.
*
*/
- share_access_check(conn->session_info->security_token,
- lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS,
- &conn->share_access);
+ create_share_access_mask(conn, snum);
if ((conn->share_access & FILE_WRITE_DATA) == 0) {
if ((conn->share_access & FILE_READ_DATA) == 0) {