[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha7-1085-g81b1846

Günther Deschner gd at samba.org
Fri Apr 17 21:20:56 GMT 2009 

The branch, master has been updated
       via  81b18464be170528d5e1549868bcbddbbcd60e1e (commit)
      from  cdbbc81bad5d53397bf80898cf68d8867cf64cba (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 81b18464be170528d5e1549868bcbddbbcd60e1e
Author: Günther Deschner <gd at samba.org>
Date:   Fri Apr 17 23:18:24 2009 +0200

    s3-spoolss: remove some direct checks for 0 uid in AddForm,SetForm,DelForm.
    
    Also add some become_root()/unbecome_root() pairs which were missing IMHO.
    
    Guenther

-----------------------------------------------------------------------

Summary of changes:
 source3/rpc_server/srv_spoolss_nt.c |   17 +++++++++++++----
 1 files changed, 13 insertions(+), 4 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 251415a..155d651 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -8296,7 +8296,7 @@ WERROR _spoolss_AddForm(pipes_struct *p,
 	/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
 	   and not a printer admin, then fail */
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8320,7 +8320,9 @@ WERROR _spoolss_AddForm(pipes_struct *p,
 		goto done;
 	}
 
+	become_root();
 	write_ntforms(&list, count);
+	unbecome_root();
 
 	/*
 	 * ChangeID must always be set if this is a printer
@@ -8353,6 +8355,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 	WERROR status = WERR_OK;
 	NT_PRINTER_INFO_LEVEL *printer = NULL;
 	SE_PRIV se_printop = SE_PRINT_OPERATOR;
+	bool ret = false;
 
 	DEBUG(5,("_spoolss_DeleteForm\n"));
 
@@ -8374,7 +8377,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 			goto done;
 	}
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8394,8 +8397,12 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
 
 	count = get_ntforms(&list);
 
-	if ( !delete_a_form(&list, form_name, &count, &status ))
+	become_root();
+	ret = delete_a_form(&list, form_name, &count, &status);
+	unbecome_root();
+	if (ret == false) {
 		goto done;
+	}
 
 	/*
 	 * ChangeID must always be set if this is a printer
@@ -8453,7 +8460,7 @@ WERROR _spoolss_SetForm(pipes_struct *p,
 	/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
 	   and not a printer admin, then fail */
 
-	if ((p->server_info->utok.uid != 0) &&
+	if ((p->server_info->utok.uid != sec_initial_uid()) &&
 	     !user_has_privileges(p->server_info->ptok, &se_printop) &&
 	     !token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
 					  NULL, NULL,
@@ -8471,7 +8478,9 @@ WERROR _spoolss_SetForm(pipes_struct *p,
 
 	count = get_ntforms(&list);
 	update_a_form(&list, form, count);
+	become_root();
 	write_ntforms(&list, count);
+	unbecome_root();
 
 	/*
 	 * ChangeID must always be set if this is a printer


-- 
Samba Shared Repository

More information about the samba-cvs mailing list