svn commit: samba r4429 - in branches/SAMBA_4_0/source/libcli/security: .

Fri Dec 31 03:55:37 GMT 2004

Author: tridge
Date: 2004-12-31 03:55:37 +0000 (Fri, 31 Dec 2004)
New Revision: 4429

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4429

Log:
the owner of a file always gets SEC_STD_DELETE


Modified:
   branches/SAMBA_4_0/source/libcli/security/access_check.c


Changeset:
Modified: branches/SAMBA_4_0/source/libcli/security/access_check.c
===================================================================

--- branches/SAMBA_4_0/source/libcli/security/access_check.c	2004-12-31 03:54:49 UTC (rev 4428)
+++ branches/SAMBA_4_0/source/libcli/security/access_check.c	2004-12-31 03:55:37 UTC (rev 4429)
@@ -50,9 +50,8 @@
 	unsigned i;
 	
 	if (sid_active_in_token(sd->owner_sid, token)) {
-		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL;
-	}
-	if (sec_privilege_check(token, SEC_PRIV_RESTORE)) {
+		granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE;
+	} else if (sec_privilege_check(token, SEC_PRIV_RESTORE)) {
 		granted |= SEC_STD_DELETE;
 	}
 
@@ -122,10 +121,10 @@
 		return NT_STATUS_ACCESS_DENIED;
 	}
 
-	/* the owner always gets SEC_STD_WRITE_DAC & SEC_STD_READ_CONTROL */
-	if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL)) &&
+	/* the owner always gets SEC_STD_WRITE_DAC, SEC_STD_READ_CONTROL and SEC_STD_DELETE */
+	if ((bits_remaining & (SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE)) &&
 	    sid_active_in_token(sd->owner_sid, token)) {
-		bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL);
+		bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE);
 	}
 	if ((bits_remaining & SEC_STD_DELETE) &&
 	    sec_privilege_check(token, SEC_PRIV_RESTORE)) {

