status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
- SECINFO_DACL),&sd);
+ SECINFO_DACL), talloc_tos(), &sd);
if (!NT_STATUS_IS_OK(status)) {
DEBUG(10, ("smbd_check_access_rights: Could not get acl "
status = SMB_VFS_GET_NT_ACL(conn,
parent_dir,
SECINFO_DACL,
+ talloc_tos(),
&parent_sd);
if (!NT_STATUS_IS_OK(status)) {
status = SMB_VFS_GET_NT_ACL(conn, smb_fname->base_name,
(SECINFO_OWNER |
SECINFO_GROUP |
- SECINFO_DACL),&sd);
+ SECINFO_DACL),
+ talloc_tos(), &sd);
if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_NOT_FOUND)) {
/*
static NTSTATUS inherit_new_acl(files_struct *fsp)
{
- TALLOC_CTX *ctx = talloc_tos();
+ TALLOC_CTX *frame = talloc_stackframe();
char *parent_name = NULL;
struct security_descriptor *parent_desc = NULL;
NTSTATUS status = NT_STATUS_OK;
bool inheritable_components = false;
size_t size = 0;
- if (!parent_dirname(ctx, fsp->fsp_name->base_name, &parent_name, NULL)) {
+ if (!parent_dirname(frame, fsp->fsp_name->base_name, &parent_name, NULL)) {
return NT_STATUS_NO_MEMORY;
}
status = SMB_VFS_GET_NT_ACL(fsp->conn,
- parent_name,
- (SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL),
- &parent_desc);
+ parent_name,
+ (SECINFO_OWNER | SECINFO_GROUP | SECINFO_DACL),
+ frame,
+ &parent_desc);
if (!NT_STATUS_IS_OK(status)) {
return status;
}
fsp->is_directory);
if (!inheritable_components && !inherit_owner) {
+ TALLOC_FREE(frame);
/* Nothing to inherit and not setting owner. */
return NT_STATUS_OK;
}
group_sid = &fsp->conn->session_info->security_token->sids[PRIMARY_GROUP_SID_INDEX];
}
- status = se_create_child_secdesc(ctx,
+ status = se_create_child_secdesc(frame,
&psd,
&size,
parent_desc,
group_sid,
fsp->is_directory);
if (!NT_STATUS_IS_OK(status)) {
+ TALLOC_FREE(frame);
return status;
}
if (inherit_owner) {
unbecome_root();
}
+ TALLOC_FREE(frame);
return status;
}
git.samba.org / kai / samba.git / blobdiff