diff options
author | Jeremy Allison <jra@samba.org> | 2000-08-03 22:38:43 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2000-08-03 22:38:43 +0000 |
commit | f87399915b009f88c41cb75a583c2972fe3daf30 (patch) | |
tree | 874d5861eba4e7ba655f2d94d6b7a8c1e37bfdfc /source3/smbd/uid.c | |
parent | 468af1937d327cc579dbbdae6e4a9b030998f049 (diff) | |
download | samba-f87399915b009f88c41cb75a583c2972fe3daf30.tar.gz samba-f87399915b009f88c41cb75a583c2972fe3daf30.tar.xz samba-f87399915b009f88c41cb75a583c2972fe3daf30.zip |
Added an NT_USER_TOKEN structure that is copied/passed around associated
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
Diffstat (limited to 'source3/smbd/uid.c')
-rw-r--r-- | source3/smbd/uid.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 4cb2c512b65..f6687e9a5ad 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -47,7 +47,7 @@ BOOL become_guest(void) initgroups(pass->pw_name, (gid_t)pass->pw_gid); #endif - set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL); + set_sec_ctx(pass->pw_uid, pass->pw_gid, 0, NULL, NULL); current_user.conn = NULL; current_user.vuid = UID_FIELD_INVALID; @@ -164,10 +164,11 @@ BOOL become_user(connection_struct *conn, uint16 vuid) } } - set_sec_ctx(uid, gid, current_user.ngroups, current_user.groups); + set_sec_ctx(uid, gid, current_user.ngroups, current_user.groups, current_user.nt_user_token); current_user.conn = conn; current_user.vuid = vuid; + current_user.nt_user_token = conn->nt_user_token; DEBUG(5,("become_user uid=(%d,%d) gid=(%d,%d)\n", (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid())); @@ -206,8 +207,9 @@ BOOL become_authenticated_pipe_user(pipes_struct *p) return False; } + /* JRATEST - this needs fixined w.r.t. NT user tokens... */ set_sec_ctx(p->pipe_user.uid, p->pipe_user.gid, - p->pipe_user.ngroups, p->pipe_user.groups); + p->pipe_user.ngroups, p->pipe_user.groups, NULL); return True; } |