From dc2ff916d47419209a22fface786b34d38fc8aaf Mon Sep 17 00:00:00 2001 From: Alberto Maria Fiaschi Date: Tue, 23 Feb 2016 18:22:10 +0100 Subject: [PATCH] access based share enum: handle permission set in configuration files change function is_enumeration_allowed to check permissions set by fields: valid users, invalid users, only user. BUG: https://bugzilla.samba.org/show_bug.cgi?id=8093 Signed-off-by: Alberto Maria Fiaschi --- source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c index b1e9d13..7f63ea6 100644 --- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c +++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c @@ -480,8 +480,13 @@ static bool is_enumeration_allowed(struct pipes_struct *p, if (!lp_access_based_share_enum(snum)) return true; + if (!user_ok_token(p->session_info->unix_info->unix_name, + p->session_info->info->domain_name, + p->session_info->security_token, snum)) + return false; + return share_access_check(p->session_info->security_token, - lp_servicename(talloc_tos(), snum), + p_servicename(talloc_tos(), snum), FILE_READ_DATA, NULL); }