[SCM] Samba Shared Repository - branch master updated -
release-4-0-0alpha7-1085-g81b1846
Günther Deschner
gd at samba.org
Fri Apr 17 21:20:56 GMT 2009
The branch, master has been updated
via 81b18464be170528d5e1549868bcbddbbcd60e1e (commit)
from cdbbc81bad5d53397bf80898cf68d8867cf64cba (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 81b18464be170528d5e1549868bcbddbbcd60e1e
Author: Günther Deschner <gd at samba.org>
Date: Fri Apr 17 23:18:24 2009 +0200
s3-spoolss: remove some direct checks for 0 uid in AddForm,SetForm,DelForm.
Also add some become_root()/unbecome_root() pairs which were missing IMHO.
Guenther
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_server/srv_spoolss_nt.c | 17 +++++++++++++----
1 files changed, 13 insertions(+), 4 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 251415a..155d651 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -8296,7 +8296,7 @@ WERROR _spoolss_AddForm(pipes_struct *p,
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ((p->server_info->utok.uid != 0) &&
+ if ((p->server_info->utok.uid != sec_initial_uid()) &&
!user_has_privileges(p->server_info->ptok, &se_printop) &&
!token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
NULL, NULL,
@@ -8320,7 +8320,9 @@ WERROR _spoolss_AddForm(pipes_struct *p,
goto done;
}
+ become_root();
write_ntforms(&list, count);
+ unbecome_root();
/*
* ChangeID must always be set if this is a printer
@@ -8353,6 +8355,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
WERROR status = WERR_OK;
NT_PRINTER_INFO_LEVEL *printer = NULL;
SE_PRIV se_printop = SE_PRINT_OPERATOR;
+ bool ret = false;
DEBUG(5,("_spoolss_DeleteForm\n"));
@@ -8374,7 +8377,7 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
goto done;
}
- if ((p->server_info->utok.uid != 0) &&
+ if ((p->server_info->utok.uid != sec_initial_uid()) &&
!user_has_privileges(p->server_info->ptok, &se_printop) &&
!token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
NULL, NULL,
@@ -8394,8 +8397,12 @@ WERROR _spoolss_DeleteForm(pipes_struct *p,
count = get_ntforms(&list);
- if ( !delete_a_form(&list, form_name, &count, &status ))
+ become_root();
+ ret = delete_a_form(&list, form_name, &count, &status);
+ unbecome_root();
+ if (ret == false) {
goto done;
+ }
/*
* ChangeID must always be set if this is a printer
@@ -8453,7 +8460,7 @@ WERROR _spoolss_SetForm(pipes_struct *p,
/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
and not a printer admin, then fail */
- if ((p->server_info->utok.uid != 0) &&
+ if ((p->server_info->utok.uid != sec_initial_uid()) &&
!user_has_privileges(p->server_info->ptok, &se_printop) &&
!token_contains_name_in_list(uidtoname(p->server_info->utok.uid),
NULL, NULL,
@@ -8471,7 +8478,9 @@ WERROR _spoolss_SetForm(pipes_struct *p,
count = get_ntforms(&list);
update_a_form(&list, form, count);
+ become_root();
write_ntforms(&list, count);
+ unbecome_root();
/*
* ChangeID must always be set if this is a printer
--
Samba Shared Repository
More information about the samba-cvs
mailing list