git.samba.org / metze / samba / wip.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b205d69) | patch
libcli/security: fix handling of deny type ACEs in access_check_max_allowed()
authorRalph Boehme <slow@samba.org>
Fri, 1 Mar 2019 17:57:23 +0000 (18:57 +0100)
committerJeremy Allison <jra@samba.org>
Mon, 4 Mar 2019 18:11:16 +0000 (18:11 +0000)
commit8d355dd9769e8990ce998b4c9f28977669b43616
treed719cd1d1d3b12fb1c300b7d67266fcb5c851387tree
parentb205d695d769e910a91bec87451dec189ec33740commit | diff
libcli/security: fix handling of deny type ACEs in access_check_max_allowed()

Deny ACEs must always be evaluated against explicitly granted rights
from previous ACEs.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
libcli/security/access_check.c diff | blob | history
selftest/knownfail.d/smb2.acls [deleted file] blob | history
Work in progress branches