diff options
| author | Volker Lendecke <vl@samba.org> | 2011-07-04 18:35:21 +0200 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2011-07-26 21:53:57 +0200 |
| commit | 969a50998d526c890af0db149999a16e7764f8e3 (patch) | |
| tree | 85535db7d5c6ad382d8ca96e28855986c1cd9eda | |
| parent | c3866d10822db00566b4110f20cb0612fc9685b9 (diff) | |
| download | samba-969a50998d526c890af0db149999a16e7764f8e3.tar.gz samba-969a50998d526c890af0db149999a16e7764f8e3.tar.xz samba-969a50998d526c890af0db149999a16e7764f8e3.zip | |
s3: Calculate&store the maximum share access mask
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 720fa46f9443ccbe471b265f1c2b9cb9782a3c26)
(cherry picked from commit 83c6e9d3ad76e8009778e5ba0bf22e256d06ad48)
| -rw-r--r-- | source3/include/smb.h | 1 | ||||
| -rw-r--r-- | source3/smbd/service.c | 37 |
2 files changed, 16 insertions, 22 deletions
diff --git a/source3/include/smb.h b/source3/include/smb.h index 3e68a9918fc..3a64af7eeda 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -408,6 +408,7 @@ typedef struct connection_struct { bool printer; bool ipc; bool read_only; /* Attributes for the current user of the share. */ + uint32_t share_access; /* Does this filesystem honor sub second timestamps on files and directories when setting time ? */ diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 6c147b26b5b..d88c02c618b 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -853,28 +853,21 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, * */ - { - bool can_write = False; - - can_write = share_access_check( - conn->session_info->security_token, - lp_servicename(snum), FILE_WRITE_DATA, NULL); - - if (!can_write) { - if (!share_access_check( - conn->session_info->security_token, - lp_servicename(snum), FILE_READ_DATA, - NULL)) { - /* No access, read or write. */ - DEBUG(0,("make_connection: connection to %s " - "denied due to security " - "descriptor.\n", - lp_servicename(snum))); - *pstatus = NT_STATUS_ACCESS_DENIED; - goto err_root_exit; - } else { - conn->read_only = True; - } + share_access_check(conn->session_info->security_token, + lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS, + &conn->share_access); + + if ((conn->share_access & FILE_WRITE_DATA) == 0) { + if ((conn->share_access & FILE_READ_DATA) == 0) { + /* No access, read or write. */ + DEBUG(0,("make_connection: connection to %s " + "denied due to security " + "descriptor.\n", + lp_servicename(snum))); + *pstatus = NT_STATUS_ACCESS_DENIED; + goto err_root_exit; + } else { + conn->read_only = True; } } /* Initialise VFS function pointers */ |