diff options
author | Jeremy Allison <jra@samba.org> | 2000-08-04 00:59:09 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2000-08-04 00:59:09 +0000 |
commit | 06a65972e872f37d88b84f22ea714feebd38f6c0 (patch) | |
tree | c32fff798861e2a92c1403b60a06dca102db1632 /source/include | |
parent | e28d01b744b3dbd33e0e54af4e7f426fa8c082b8 (diff) | |
download | samba-06a65972e872f37d88b84f22ea714feebd38f6c0.tar.gz samba-06a65972e872f37d88b84f22ea714feebd38f6c0.tar.xz samba-06a65972e872f37d88b84f22ea714feebd38f6c0.zip |
Fixed up the user/group contexts when using authenticated pipes.
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
Diffstat (limited to 'source/include')
-rw-r--r-- | source/include/proto.h | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/source/include/proto.h b/source/include/proto.h index e630d7019f7..454c7f8c22a 100644 --- a/source/include/proto.h +++ b/source/include/proto.h @@ -3546,6 +3546,7 @@ void invalidate_vuid(uint16 vuid); char *validated_username(uint16 vuid); char *validated_domain(uint16 vuid); int initialize_groups(char *user, uid_t uid, gid_t gid); +NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups); uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, char *domain,BOOL guest); void add_session_user(char *user); @@ -3673,6 +3674,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int get_current_groups(int *p_ngroups, gid_t **p_groups); void delete_nt_token(NT_USER_TOKEN **pptoken); +NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken); BOOL push_sec_ctx(void); void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token); void set_root_sec_ctx(void); |