| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
| |
security descriptors is disabled (as it is in this code).
If get/set sd's is enabled spooler.exe crashes on NT.
I'll investigate and fix that issue next.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
rpc_parse/parse_spoolss.c: Added note about prs_align when marshalling a SEC_DESC...
rpc_server/srv_lsa.c: Tim - your changes broke the display of the 'everyone' group
when doing file access with no winbindd running. This is a partial
fix - more when I have analysed this more.
rpc_server/srv_spoolss_nt.c: Fix for the 'change driver' problem ! Hurrah !
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
|
|
| |
jreilly@hp.com.
Memory leak fix for new sec_ctx code (sorry Tim :-).
Jeremy.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Implemented become_root() and friends in terms of push/pop/set security
contexts.
|
| | |
|
| |
|
|
| |
Delete OriginalDir stuff.
|
| |
|
|
| |
this stuff doesn't need to be done as root anyway.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
code. This code is now implemented as a stack of security contexts, where
a security context is defined as a set of effective user, group and
supplementary group ids.
The following functions are implemented:
BOOL push_sec_ctx(void);
Create a new security context on the stack which is the same as the
current security context.
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups);
Set the current security context to a given set of user and group
ids.
void set_root_sec_ctx(void);
Set to uid = gid = 0. No supplementary groups are set.
BOOL pop_sec_ctx(void);
Pop a security context from the stack and restore the user and group
permissions of the previous context.
void init_sec_ctx(void);
Initialise the security context stack. This must be called before any
of the other operations are used or weird things may happen.
The idea is that there is a base security context which is either root or
some authenticated unix user. Other security contexts can be pushed and
popped as needed for things like changing passwords, or rpc pipe operations
where the rpc pipe user is different from the smb user.
|
| |
|
|
|
|
|
|
| |
blocks around a few unimplemented functions. Also had to
add cli_reg.c to Makefile.in
--jerry
|
| |
|
|
|
|
|
| |
plan' :-)
Gerald & I discussed with HP. More changes to follow.
Jeremy.
|
| |
|
|
|
|
|
|
|
| |
Removed unistr_to_ascii() as it was never used.
printing/nt_printing.c: Removed "DUMMY.XX" files.
rpc_server/srv_spoolss_nt.c: Use dos_PutUniCode() instead of ascii_to_unistr().
Attempted to fix the "return value" size code based on J.F's
comments. This needs looking at.
Jeremy.
|
| | |
|
| |
|
|
| |
Moved the S_* macros from smb.h to includes.h
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
memory fixes.
Jeremy.
|
| |
|
|
| |
Jeremy.
|
| |
|
|
|
| |
and the main code is declared as VOLATILE SIG_ATOMIC_T.
Jeremy.
|
| |
|
|
|
|
| |
apparently they were not deliberate, they were probably a result of
Luke accidentally copying a CVS directory from one spot to another in
error
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
instead of two prs_data pointers.
|
| |
|
|
|
| |
descriptors. These seem to be made up of the standard and generic access
rights rather than object specific access rights.
|
| | |
|
| |
|
|
|
| |
descriptors. Currently returns True (plus debug output) which should not
affect the behaviour of nt or lanman printing.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
through to the individual pipe api calls. Instead of passing two
prs_struct pointers, we now pass the pipes_struct pointer which contains
the former information as well as other useful stuff like the vuid.
Pass the vuid from the pipes_struct down to the lower level spoolss
functions to perform security checks.
ZERO_STRUCTP the info_2 structure before filling it. Free the device mode
field before freeing the info_2 to avoid a memory leak. Fixed
uninitialised pointer bug in fill_job_info_2().
|
| |
|
|
|
|
|
|
|
| |
through to the individual pipe api calls. Instead of passing two
prs_struct pointers, we now pass the pipes_struct pointer which contains
the former information as well as other useful stuff like the vuid.
Pass the vuid from the pipes_struct down to the lower level spoolss
functions to perform security checks.
|
| |
|
|
|
|
|
|
|
| |
through to the individual pipe api calls. Instead of passing two
prs_struct pointers, we now pass the pipes_struct pointer which contains
the former information as well as other useful stuff like the vuid.
Removed dependency on extern current_user and fetch the vuid from the
pipes_struct.
|
| |
|
|
|
|
| |
through to the individual pipe api calls. Instead of passing two
prs_struct pointers, we now pass the pipes_struct pointer which contains
the former information as well as other useful stuff like the vuid.
|
| | |
|
| |
|
|
| |
- don't use as many locks on a store
|
| | |
|
