s4:lsa RPC server / objectclass LDB module - fix the creation of trusted domain objects

Tridge pointed out that it is to dangerous to allow them to be created
with SYSTEM permissions. The solution using the "untrusted" flag should
be much more viable.

Autobuild-User: Matthias Dieter Wallnöfer <mdw@samba.org>
Autobuild-Date: Thu Nov 25 13:05:56 CET 2010 on sn-devel-104

diff --git a/source4/dsdb/samdb/ldb_modules/objectclass.c b/source4/dsdb/samdb/ldb_modules/objectclass.c
index d69c3f4d05ef45f3f5688fc46312b90e09cf7987..21f316400a3c3d68b2899ca6da63154ff9dad108 100644 (file)
--- a/source4/dsdb/samdb/ldb_modules/objectclass.c
+++ b/source4/dsdb/samdb/ldb_modules/objectclass.c
@@ -467,8 +467,6 @@ static int objectclass_do_add(struct oc_context *ac)
        struct ldb_request *add_req;
        struct ldb_message_element *objectclass_element, *el;
        struct ldb_message *msg;
-       struct ldb_control *as_system = ldb_request_get_control(ac->req,
-                                                               LDB_CONTROL_AS_SYSTEM_OID);
        TALLOC_CTX *mem_ctx;
        struct class_list *sorted, *current;
        const char *rdn_name = NULL;
@@ -480,10 +478,6 @@ static int objectclass_do_add(struct oc_context *ac)
        bool found;
        int ret;
 
-       if (as_system != NULL) {
-               as_system->critical = 0;
-       }
-
        msg = ldb_msg_copy_shallow(ac, ac->req->op.add.message);
        if (msg == NULL) {
                return ldb_module_oom(ac->module);
@@ -581,7 +575,7 @@ static int objectclass_do_add(struct oc_context *ac)
                        /* LSA-specific objectclasses per default not allowed */
                        if (((strcmp(value, "secret") == 0) ||
                             (strcmp(value, "trustedDomain") == 0)) &&
-                           !(dsdb_module_am_system(ac->module) || as_system)) {
+                           ldb_req_is_untrusted(ac->req)) {
                                ldb_asprintf_errstring(ldb,
                                                       "objectclass: object class '%s' is LSA-specific, rejecting creation of '%s'!",
                                                       value,

diff --git a/source4/rpc_server/lsa/dcesrv_lsa.c b/source4/rpc_server/lsa/dcesrv_lsa.c
index 1b55824bb12d041b9ac9e144d16e3a58639aad8b..4cb5da224d9e89156183d5eeb6e025c8cf7e7e98 100644 (file)
--- a/source4/rpc_server/lsa/dcesrv_lsa.c
+++ b/source4/rpc_server/lsa/dcesrv_lsa.c
@@ -1056,7 +1056,7 @@ static NTSTATUS dcesrv_lsa_CreateTrustedDomain_base(struct dcesrv_call_state *dc
        trusted_domain_state->trusted_domain_dn = talloc_reference(trusted_domain_state, msg->dn);
 
        /* create the trusted_domain */
-       ret = dsdb_add(sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
+       ret = ldb_add(sam_ldb, msg);
        switch (ret) {
        case  LDB_SUCCESS:
                break;
@@ -2949,7 +2949,7 @@ static NTSTATUS dcesrv_lsa_CreateSecret(struct dcesrv_call_state *dce_call, TALL
        secret_state->secret_dn = talloc_reference(secret_state, msg->dn);
 
        /* create the secret */
-       ret = dsdb_add(secret_state->sam_ldb, msg, DSDB_FLAG_AS_SYSTEM);
+       ret = ldb_add(secret_state->sam_ldb, msg);
        if (ret != LDB_SUCCESS) {
                DEBUG(0,("Failed to create secret record %s: %s\n",
                         ldb_dn_get_linearized(msg->dn),