git.samba.org
/
samba.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(parent:
870f2d3
)
s3-lsa: Fix _lsa_CreateAccount() for usage of SEC_FLAG_MAXIMUM_ALLOWED.
author
Günther Deschner
<gd@samba.org>
Tue, 20 Oct 2009 13:54:40 +0000
(15:54 +0200)
committer
Günther Deschner
<gd@samba.org>
Tue, 20 Oct 2009 13:57:06 +0000
(15:57 +0200)
Found by RPC-LSA-PRIVILEGES torture test.
Guenther
source3/rpc_server/srv_lsa_nt.c
patch
|
blob
|
history
diff --git
a/source3/rpc_server/srv_lsa_nt.c
b/source3/rpc_server/srv_lsa_nt.c
index a3a1218956efc4fb29334f00e7df706a1dd9ae0c..9d1b5b91a1d921c8e1966f798e024403ea761438 100644
(file)
--- a/
source3/rpc_server/srv_lsa_nt.c
+++ b/
source3/rpc_server/srv_lsa_nt.c
@@
-1665,6
+1665,11
@@
NTSTATUS _lsa_CreateAccount(pipes_struct *p,
return NT_STATUS_ACCESS_DENIED;
}
+ /* Work out max allowed. */
+ map_max_allowed_access(p->server_info->ptok,
+ &p->server_info->utok,
+ &r->in.access_mask);
+
/* map the generic bits to the lsa policy ones */
se_map_generic(&r->in.access_mask, &lsa_account_mapping);