s4: ntvfs/posix: to set a DACL at open time SEC_DESC_DACL_PRESENT must be set
authorStefan Metzmacher <metze@samba.org>
Tue, 28 Oct 2008 16:13:21 +0000 (17:13 +0100)
committerStefan Metzmacher <metze@samba.org>
Tue, 28 Oct 2008 16:13:21 +0000 (17:13 +0100)
metze

source4/ntvfs/posix/pvfs_open.c

index 8a32f0122335c6549872462d6ee200c93ea2ade6..fe3c915576f9ef3051441f2b9a0db83571b8bfc7 100644 (file)
@@ -106,6 +106,7 @@ static NTSTATUS pvfs_open_setup_eas_acl(struct pvfs_state *pvfs,
                                        union smb_open *io)
 {
        NTSTATUS status;
                                        union smb_open *io)
 {
        NTSTATUS status;
+       struct security_descriptor *sd;
 
        /* setup any EAs that were asked for */
        if (io->ntcreatex.in.ea_list) {
 
        /* setup any EAs that were asked for */
        if (io->ntcreatex.in.ea_list) {
@@ -117,8 +118,9 @@ static NTSTATUS pvfs_open_setup_eas_acl(struct pvfs_state *pvfs,
                }
        }
 
                }
        }
 
+       sd = io->ntcreatex.in.sec_desc;
        /* setup an initial sec_desc if requested */
        /* setup an initial sec_desc if requested */
-       if (io->ntcreatex.in.sec_desc) {
+       if (sd && (sd->type & SEC_DESC_DACL_PRESENT)) {
                union smb_setfileinfo set;
 /* 
  * TODO: set the full ACL! 
                union smb_setfileinfo set;
 /* 
  * TODO: set the full ACL! 
@@ -129,7 +131,7 @@ static NTSTATUS pvfs_open_setup_eas_acl(struct pvfs_state *pvfs,
  */
                set.set_secdesc.in.file.ntvfs = f->ntvfs;
                set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
  */
                set.set_secdesc.in.file.ntvfs = f->ntvfs;
                set.set_secdesc.in.secinfo_flags = SECINFO_DACL;
-               set.set_secdesc.in.sd = io->ntcreatex.in.sec_desc;
+               set.set_secdesc.in.sd = sd;
 
                status = pvfs_acl_set(pvfs, req, name, fd, SEC_STD_WRITE_DAC, &set);
        } else {
 
                status = pvfs_acl_set(pvfs, req, name, fd, SEC_STD_WRITE_DAC, &set);
        } else {