diff options
author | David O'Neill <dmo@samba.org> | 2001-01-23 20:25:25 +0000 |
---|---|---|
committer | David O'Neill <dmo@samba.org> | 2001-01-23 20:25:25 +0000 |
commit | 02f154e729b0e8465d3e1e2ac794e6ab3844ce57 (patch) | |
tree | 70f80532ede0a489cc7f7609347913e18724d04a /source/rpc_server | |
parent | 0ccc552203d6432cde844c5946b203b27f257b1a (diff) | |
download | samba-02f154e729b0e8465d3e1e2ac794e6ab3844ce57.tar.gz samba-02f154e729b0e8465d3e1e2ac794e6ab3844ce57.tar.xz samba-02f154e729b0e8465d3e1e2ac794e6ab3844ce57.zip |
Changes from APPLIANCE_HEAD:
source/rpc_server/srv_spoolss_nt.c
- add an access check to _spoolss_deleteprinter() to stop random
users and passers by from deleting printers.
source/lib/messages.c
- converted global msg_all struct to a local in message_send_all()
function.
source/include/smb.h
- added a success error code to the spoolss return codes.
source/include/proto.h
source/param/loadparm.c
source/printing/printing.c
- Added new parameter "total print jobs" to limit the total number
of print jobs across all queues. Currently individual queues are
limited by "max print jobs".
Diffstat (limited to 'source/rpc_server')
-rw-r--r-- | source/rpc_server/srv_spoolss_nt.c | 36 |
1 files changed, 24 insertions, 12 deletions
diff --git a/source/rpc_server/srv_spoolss_nt.c b/source/rpc_server/srv_spoolss_nt.c index 4f2c7fa03ed..4be338d4d61 100644 --- a/source/rpc_server/srv_spoolss_nt.c +++ b/source/rpc_server/srv_spoolss_nt.c @@ -240,18 +240,28 @@ static BOOL close_printer_handle(POLICY_HND *hnd) /**************************************************************************** delete a printer given a handle ****************************************************************************/ -static BOOL delete_printer_handle(POLICY_HND *hnd) +static uint32 delete_printer_handle(POLICY_HND *hnd) { Printer_entry *Printer = find_printer_index_by_hnd(hnd); if (!OPEN_HANDLE(Printer)) { DEBUG(0,("delete_printer_handle: Invalid handle (%s)\n", OUR_HANDLE(hnd))); - return False; + return ERROR_INVALID_HANDLE; } if (del_a_printer(Printer->dev.handlename) != 0) { DEBUG(3,("Error deleting printer %s\n", Printer->dev.handlename)); - return False; + return ERROR_INVALID_HANDLE; + } + + /* Check calling user has permission to delete printer. Note that + since we set the snum parameter to -1 only administrators can + delete the printer. This stops people with the Full Control + permission from deleting the printer. */ + + if (!print_access_check(NULL, -1, PRINTER_ACCESS_ADMINISTER)) { + DEBUG(3, ("printer delete denied by security descriptor\n")); + return ERROR_ACCESS_DENIED; } if (*lp_deleteprinter_cmd()) { @@ -280,7 +290,7 @@ static BOOL delete_printer_handle(POLICY_HND *hnd) ret = smbrun(command, tmp_file, False); if (ret != 0) { unlink(tmp_file); - return False; + return ERROR_INVALID_HANDLE; /* What to return here? */ } DEBUGADD(10,("returned [%d]\n", ret)); DEBUGADD(10,("Unlinking output file [%s]\n", tmp_file)); @@ -291,12 +301,12 @@ static BOOL delete_printer_handle(POLICY_HND *hnd) if ( ( i = lp_servicenumber( Printer->dev.handlename ) ) >= 0 ) { lp_killservice( i ); - return True; + return ERROR_SUCCESS; } else - return False; + return ERROR_ACCESS_DENIED; } - return True; + return ERROR_SUCCESS; } /**************************************************************************** @@ -855,16 +865,18 @@ uint32 _spoolss_closeprinter(POLICY_HND *handle) uint32 _spoolss_deleteprinter(POLICY_HND *handle) { Printer_entry *Printer=find_printer_index_by_hnd(handle); + uint32 result; if (Printer && Printer->document_started) - _spoolss_enddocprinter(handle); /* print job was not closed */ + _spoolss_enddocprinter(handle); /* print job was not closed */ - if (!delete_printer_handle(handle)) - return ERROR_INVALID_HANDLE; + result = delete_printer_handle(handle); - srv_spoolss_sendnotify(handle); + if (result == ERROR_SUCCESS) { + srv_spoolss_sendnotify(handle); + } - return NT_STATUS_NO_PROBLEMO; + return result; } /******************************************************************** |