s3:util_seaccess: make sure that we don't grant SEC_STD_DELETE to the owner by default
authorStefan Metzmacher <metze@samba.org>
Mon, 21 Mar 2011 13:15:32 +0000 (14:15 +0100)
committerKarolin Seeger <kseeger@samba.org>
Tue, 14 Jun 2011 10:56:16 +0000 (12:56 +0200)
In the file server, SEC_STD_DELETE is granted either on the file/directory
itself or by FILE_DELETE_CHILD on the parent directory.

metze
(similar to commit c7d10179108a3ae8af15c838042294f3fdced03c)

The last 2 patches address bug #8034 (SEC_STD_DELETE is always granted to the
owner of a file).
(cherry picked from commit 14a31111961278db99564d4d694f10ed66ff91bd)

source3/lib/util_seaccess.c

index 369f6848a0832de7117cd962b784cfbc99c09e17..058bf3212014d70b3c3d3af10652055e2a7c1d37 100644 (file)
@@ -112,9 +112,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd,
        unsigned i;
 
        if (is_sid_in_token(token, sd->owner_sid)) {
-               granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
-       } else if (user_has_privileges(token, &se_restore)) {
-               granted |= SEC_STD_DELETE;
+               granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
        }
 
        if (sd->dacl == NULL) {
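Review bot: Dropping the `else if (user_has_privileges(token, &se_restore))` branch means access_check_max_allowed() no longer reports SEC_STD_DELETE for a holder of the se_restore privilege, while se_access_check() still grants an explicitly requested SEC_STD_DELETE on that same privilege (the unchanged `if ((bits_remaining & SEC_STD_DELETE) && user_has_privileges(token, &se_restore))` in the third hunk). A caller asking for SEC_FLAG_MAXIMUM_ALLOWED therefore ends up with a smaller mask than the same caller asking for SEC_STD_DELETE directly, which looks unintended given that the commit message only targets the owner default. Unless the privilege is meant to satisfy explicit requests only, keep the privilege check here as a statement of its own after the owner block, `if (user_has_privileges(token, &se_restore)) { granted |= SEC_STD_DELETE; }`; otherwise remove the matching clause in se_access_check() and say so in the message. access_check_max_allowed() continues past the hunk, so an explicit ACE may still add SEC_STD_DELETE during the DACL walk; this note concerns only the privilege path.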
@@ -171,7 +169,7 @@ NTSTATUS se_access_check(const struct security_descriptor *sd,
                access_desired |= access_check_max_allowed(sd, token);
                access_desired &= ~SEC_FLAG_MAXIMUM_ALLOWED;
                *access_granted = access_desired;
-               bits_remaining = access_desired & ~SEC_STD_DELETE;
+               bits_remaining = access_desired;
 
                DEBUG(10,("se_access_check: MAX desired = 0x%x, granted = 0x%x, remaining = 0x%x\n",
                        orig_access_desired,
@@ -187,22 +185,22 @@ NTSTATUS se_access_check(const struct security_descriptor *sd,
                }
        }
 
-       /* a NULL dacl allows access */
-       if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
-               *access_granted = access_desired;
-               return NT_STATUS_OK;
-       }
-
-       /* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */
-       if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) &&
+       /* the owner always gets SEC_STD_WRITE_DAC and SEC_STD_READ_CONTROL */
+       if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
            is_sid_in_token(token, sd->owner_sid)) {
-               bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE);
+               bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
        }
        if ((bits_remaining & SEC_STD_DELETE) &&
            user_has_privileges(token, &se_restore)) {
                bits_remaining &= ~SEC_STD_DELETE;
        }
 
+       /* a NULL dacl allows access */
+       if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
+               *access_granted = access_desired;
+               return NT_STATUS_OK;
+       }
+
        if (sd->dacl == NULL) {
                goto done;
        }