diff options
author | Stefan Metzmacher <metze@samba.org> | 2014-08-20 15:00:59 +0200 |
---|---|---|
committer | Stefan Metzmacher <metze@samba.org> | 2014-08-22 02:52:50 +0200 |
commit | 5cbda7e24873ffb5946c7578576ad1af1579ae60 (patch) | |
tree | 800c622cb7f18ba969c82ccb1e711910229b6e32 /libcli | |
parent | 1b3ee5e5a336064f324715d46f80661305d93c28 (diff) | |
download | samba-5cbda7e24873ffb5946c7578576ad1af1579ae60.tar.gz samba-5cbda7e24873ffb5946c7578576ad1af1579ae60.tar.xz samba-5cbda7e24873ffb5946c7578576ad1af1579ae60.zip |
libcli/security: add better detection of SECINFO_[UN]PROTECTED_[D|S]ACL in get_sec_info()
Bug: https://bugzilla.samba.org/show_bug.cgi?id=10773
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Fri Aug 22 02:52:50 CEST 2014 on sn-devel-104
Diffstat (limited to 'libcli')
-rw-r--r-- | libcli/security/secdesc.c | 36 |
1 files changed, 20 insertions, 16 deletions
diff --git a/libcli/security/secdesc.c b/libcli/security/secdesc.c index 052bafbe1d..46b820ee24 100644 --- a/libcli/security/secdesc.c +++ b/libcli/security/secdesc.c @@ -24,13 +24,6 @@ #include "librpc/gen_ndr/ndr_security.h" #include "libcli/security/security.h" -#define ALL_SECURITY_INFORMATION (SECINFO_OWNER|SECINFO_GROUP|\ - SECINFO_DACL|SECINFO_SACL|\ - SECINFO_UNPROTECTED_SACL|\ - SECINFO_UNPROTECTED_DACL|\ - SECINFO_PROTECTED_SACL|\ - SECINFO_PROTECTED_DACL) - /* Map generic permissions to file object specific permissions */ const struct generic_mapping file_generic_mapping = { @@ -46,21 +39,32 @@ const struct generic_mapping file_generic_mapping = { uint32_t get_sec_info(const struct security_descriptor *sd) { - uint32_t sec_info = ALL_SECURITY_INFORMATION; + uint32_t sec_info = 0; SMB_ASSERT(sd); - if (sd->owner_sid == NULL) { - sec_info &= ~SECINFO_OWNER; + if (sd->owner_sid != NULL) { + sec_info |= SECINFO_OWNER; + } + if (sd->group_sid != NULL) { + sec_info |= SECINFO_GROUP; } - if (sd->group_sid == NULL) { - sec_info &= ~SECINFO_GROUP; + if (sd->sacl != NULL) { + sec_info |= SECINFO_SACL; } - if (sd->sacl == NULL) { - sec_info &= ~SECINFO_SACL; + if (sd->dacl != NULL) { + sec_info |= SECINFO_DACL; + } + + if (sd->type & SEC_DESC_SACL_PROTECTED) { + sec_info |= SECINFO_PROTECTED_SACL; + } else if (sd->type & SEC_DESC_SACL_AUTO_INHERITED) { + sec_info |= SECINFO_UNPROTECTED_SACL; } - if (sd->dacl == NULL) { - sec_info &= ~SECINFO_DACL; + if (sd->type & SEC_DESC_DACL_PROTECTED) { + sec_info |= SECINFO_PROTECTED_DACL; + } else if (sd->type & SEC_DESC_DACL_AUTO_INHERITED) { + sec_info |= SECINFO_UNPROTECTED_DACL; } return sec_info; |