Ignore:
Timestamp:
Nov 27, 2012, 4:56:06 PM (13 years ago)
Author:
Silvan Scherrer
Message:

Samba Server: updated vendor to 3.6.9

File:
1 edited

Legend:

Unmodified
Added
Removed

  • vendor/current/libcli/security/access_check.c

    r740 r746  
    159159        uint32_t i;
    160160        uint32_t bits_remaining;
     161        uint32_t explicitly_denied_bits = 0;
    161162
    162163        *access_granted = access_desired;
     
    178179        }
    179180
    180         /* s3 had this with #if 0 previously. To be sure the merge
    181            doesn't change any behaviour, we have the above #if check
    182            on _SAMBA_BUILD_. */
    183         if (access_desired & SEC_FLAG_SYSTEM_SECURITY) {
     181        /* the owner always gets SEC_STD_WRITE_DAC and SEC_STD_READ_CONTROL */
     182        if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
     183            security_token_has_sid(token, sd->owner_sid)) {
     184                bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
     185        }
     186
     187        /* a NULL dacl allows access */
     188        if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
     189                *access_granted = access_desired;
     190                return NT_STATUS_OK;
     191        }
     192
     193        if (sd->dacl == NULL) {
     194                goto done;
     195        }
     196
     197        /* check each ace in turn. */
     198        for (i=0; bits_remaining && i < sd->dacl->num_aces; i++) {
     199                struct security_ace *ace = &sd->dacl->aces[i];
     200
     201                if (ace->flags & SEC_ACE_FLAG_INHERIT_ONLY) {
     202                        continue;
     203                }
     204
     205                if (!security_token_has_sid(token, &ace->trustee)) {
     206                        continue;
     207                }
     208
     209                switch (ace->type) {
     210                case SEC_ACE_TYPE_ACCESS_ALLOWED:
     211                        bits_remaining &= ~ace->access_mask;
     212                        break;
     213                case SEC_ACE_TYPE_ACCESS_DENIED:
     214                case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
     215                        explicitly_denied_bits |= (bits_remaining & ace->access_mask);
     216                        break;
     217                default:        /* Other ACE types not handled/supported */
     218                        break;
     219                }
     220        }
     221
     222        bits_remaining |= explicitly_denied_bits;
     223
     224        /*
     225         * We check privileges here because they override even DENY entries.
     226         */
     227
     228        /* Does the user have the privilege to gain SEC_PRIV_SECURITY? */
     229        if (bits_remaining & SEC_FLAG_SYSTEM_SECURITY) {
    184230                if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) {
    185231                        bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY;
     
    189235        }
    190236
    191         /* the owner always gets SEC_STD_WRITE_DAC and SEC_STD_READ_CONTROL */
    192         if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
    193             security_token_has_sid(token, sd->owner_sid)) {
    194                 bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
    195         }
    196 
    197237        /* TODO: remove this, as it is file server specific */
    198238        if ((bits_remaining & SEC_RIGHTS_PRIV_RESTORE) &&
     
    205245        }
    206246
    207         /* a NULL dacl allows access */
    208         if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
    209                 *access_granted = access_desired;
    210                 return NT_STATUS_OK;
    211         }
    212 
    213         if (sd->dacl == NULL) {
    214                 goto done;
    215         }
    216 
    217         /* check each ace in turn. */
    218         for (i=0; bits_remaining && i < sd->dacl->num_aces; i++) {
    219                 struct security_ace *ace = &sd->dacl->aces[i];
    220 
    221                 if (ace->flags & SEC_ACE_FLAG_INHERIT_ONLY) {
    222                         continue;
    223                 }
    224 
    225                 if (!security_token_has_sid(token, &ace->trustee)) {
    226                         continue;
    227                 }
    228 
    229                 switch (ace->type) {
    230                 case SEC_ACE_TYPE_ACCESS_ALLOWED:
    231                         bits_remaining &= ~ace->access_mask;
    232                         break;
    233                 case SEC_ACE_TYPE_ACCESS_DENIED:
    234                 case SEC_ACE_TYPE_ACCESS_DENIED_OBJECT:
    235                         if (bits_remaining & ace->access_mask) {
    236                                 return NT_STATUS_ACCESS_DENIED;
    237                         }
    238                         break;
    239                 default:        /* Other ACE types not handled/supported */
    240                         break;
    241                 }
     247        if ((bits_remaining & SEC_STD_WRITE_OWNER) &&
     248             security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
     249                bits_remaining &= ~(SEC_STD_WRITE_OWNER);
    242250        }
    243251
Note: See TracChangeset for help on using the changeset viewer.