git.samba.org / sfrench / samba-autobuild / .git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 057c56a) | patch
s4:dsdb/descriptor: NULL out user_descriptor elements depending on the sd_flags
authorStefan Metzmacher <metze@samba.org>
Sat, 1 Dec 2012 14:10:38 +0000 (15:10 +0100)
committerMichael Adam <obnox@samba.org>
Sun, 2 Dec 2012 17:30:47 +0000 (18:30 +0100)
commit8ababf4367eb4faaeeda6cf66191aaf66a3a69da
tree8a835f38425a46f7b3d5fc594b682a56394b3992tree
parent057c56ac2443abffbe169b06a72a93f41096fb67commit | diff
s4:dsdb/descriptor: NULL out user_descriptor elements depending on the sd_flags

A client can send a full security_descriptor while just passing
sd_flags of SECINFO_DACL.

We need to NULL out elements which will be ignored depending on
the sd_flags and may set the old owner/group sids. Otherwise
the calculation of the DACL/SACL can replace CREATOR_OWNER with
the wrong sid.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Michael Adam <obnox@samba.org>
source4/dsdb/samdb/ldb_modules/descriptor.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.