svn commit: samba r4150 - in branches/SAMBA_4_0/source/libcli/security: .

[tridge at samba.org]

Author: tridge
Date: 2004-12-11 12:01:20 +0000 (Sat, 11 Dec 2004)
New Revision: 4150

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4150

Log:
- add fns for manipulating the privilege_mask in a security_token

- add the hooks in access_check that check the privilege bitmasks for
  SEC_STD_DELETE and SEC_FLAG_SYSTEM_SECURITY




Modified:
   branches/SAMBA_4_0/source/libcli/security/access_check.c
   branches/SAMBA_4_0/source/libcli/security/privilege.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/security/access_check.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/security/access_check.c	2004-12-11 11:11:57 UTC (rev 4149)
+++ branches/SAMBA_4_0/source/libcli/security/access_check.c	2004-12-11 12:01:20 UTC (rev 4150)
@@ -50,8 +50,11 @@
 	unsigned i;
 	
 	if (sid_active_in_token(sd->owner_sid, token)) {
-		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
+		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
 	}
+	if (sec_privilege_check(token, SEC_PRIV_RESTORE)) {
+		granted |= SEC_STD_DELETE;
+	}
 
 	for (i = 0;i<sd->dacl->num_aces; i++) {
 		struct security_ace *ace = &sd->dacl->aces[i];
@@ -96,17 +99,13 @@
 		bits_remaining = access_desired & ~SEC_STD_DELETE;
 	}
 
-#if 0
-	/* this is where we should check for the "system security" privilege, once we 
-	   move to the full security_token and not just the nt_user_token */
 	if (access_desired & SEC_FLAG_SYSTEM_SECURITY) {
-		if (privilege_in_token(SE_PRIVILEGE_SYSTEM_SECURITY, token)) {
+		if (sec_privilege_check(token, SEC_PRIV_SECURITY)) {
 			bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY;
 		} else {
 			return NT_STATUS_ACCESS_DENIED;
 		}
 	}
-#endif
 
 	/* dacl not present allows access */
 	if (!(sd->type & SEC_DESC_DACL_PRESENT)) {
@@ -124,6 +123,10 @@
 	    sid_active_in_token(sd->owner_sid, token)) {
 		bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
 	}
+	if ((bits_remaining & SEC_STD_DELETE) &&
+	    sec_privilege_check(token, SEC_PRIV_RESTORE)) {
+		bits_remaining &= ~SEC_STD_DELETE;
+	}
 
 	/* check each ace in turn. */
 	for (i=0; bits_remaining && i < sd->dacl->num_aces; i++) {

Modified: branches/SAMBA_4_0/source/libcli/security/privilege.c
===================================================================
--- branches/SAMBA_4_0/source/libcli/security/privilege.c	2004-12-11 11:11:57 UTC (rev 4149)
+++ branches/SAMBA_4_0/source/libcli/security/privilege.c	2004-12-11 12:01:20 UTC (rev 4150)
@@ -82,3 +82,27 @@
 	}
 	return -1;
 }
+
+
+/*
+  return True if a security_token has a particular privilege bit set
+*/
+BOOL sec_privilege_check(const struct security_token *token, unsigned int privilege)
+{
+	uint64_t mask = 1;
+	mask <<= (privilege-1);
+	if (token->privilege_mask & mask) {
+		return True;
+	}
+	return False;
+}
+
+/*
+  set a bit in the privilege mask
+*/
+void sec_privilege_set(struct security_token *token, unsigned int privilege)
+{
+	uint64_t mask = 1;
+	mask <<= (privilege-1);
+	token->privilege_mask |= mask;
+}