[SCM] Samba Shared Repository - branch v3-6-test updated

Jeremy Allison jra at samba.org
Thu Oct 21 13:17:20 MDT 2010


The branch, v3-6-test has been updated
       via  050075f Add SeSecurityPrivilige.
      from  915e419 tdb: Set _PUBLIC_ in C file rather than header files (Debian bug 600898)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-6-test


- Log -----------------------------------------------------------------
commit 050075f2162bda35728c878258a5b833fed37357
Author: Jeremy Allison <jra at samba.org>
Date:   Thu Oct 21 12:16:45 2010 -0700

    Add SeSecurityPrivilige.
    
    Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source3/include/privileges.h   |    2 ++
 source3/lib/privileges_basic.c |    2 ++
 source3/lib/util_seaccess.c    |    6 +-----
 source3/smbd/nttrans.c         |   10 ++++++++++
 source3/smbd/open.c            |   27 ++++++---------------------
 5 files changed, 21 insertions(+), 26 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/include/privileges.h b/source3/include/privileges.h
index 35fccd3..e30c988 100644
--- a/source3/include/privileges.h
+++ b/source3/include/privileges.h
@@ -61,6 +61,7 @@ typedef struct {
 #define SE_BACKUP			{ { 0x00000200, 0x00000000, 0x00000000, 0x00000000 } }
 #define SE_RESTORE			{ { 0x00000400, 0x00000000, 0x00000000, 0x00000000 } }
 #define SE_TAKE_OWNERSHIP		{ { 0x00000800, 0x00000000, 0x00000000, 0x00000000 } }
+#define SE_SECURITY			{ { 0x00001000, 0x00000000, 0x00000000, 0x00000000 } }
 
 /* defined in lib/privilegs_basic.c */
 
@@ -74,6 +75,7 @@ extern const SE_PRIV se_disk_operators;
 extern const SE_PRIV se_remote_shutdown;
 extern const SE_PRIV se_restore;
 extern const SE_PRIV se_take_ownership;
+extern const SE_PRIV se_security;
 
 
 /*
diff --git a/source3/lib/privileges_basic.c b/source3/lib/privileges_basic.c
index c970478..5843895 100644
--- a/source3/lib/privileges_basic.c
+++ b/source3/lib/privileges_basic.c
@@ -46,6 +46,7 @@ const SE_PRIV se_disk_operators  = SE_DISK_OPERATOR;
 const SE_PRIV se_remote_shutdown = SE_REMOTE_SHUTDOWN;
 const SE_PRIV se_restore         = SE_RESTORE;
 const SE_PRIV se_take_ownership  = SE_TAKE_OWNERSHIP;
+const SE_PRIV se_security	 = SE_SECURITY;
 
 /********************************************************************
  This is a list of privileges reported by a WIndows 2000 SP4 AD DC
@@ -106,6 +107,7 @@ PRIVS privs[] = {
 	{SE_PRINT_OPERATOR,	"SePrintOperatorPrivilege",	"Manage printers",			   { 0x1001,	0x0 }},
 	{SE_ADD_USERS,		"SeAddUsersPrivilege",		"Add users and groups to the domain",	   { 0x1002,	0x0 }},
 	{SE_DISK_OPERATOR,	"SeDiskOperatorPrivilege",	"Manage disk shares",			   { 0x1003,	0x0 }},
+	{SE_SECURITY,		"SeSecurityPrivilege",		"Manage auditing and security log",	   { 0x0008,	0x0 }},
 
 	{SE_END, "", "", { 0x0, 0x0 }}
 };
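Review bot: The new `privs[]` entry carries LUID `{ 0x0008, 0x0 }` while the three entries above it use 0x1001 to 0x1003, and nothing in the table says why. If 0x0008 was chosen to match the value Windows reports for SeSecurityPrivilege, a short comment such as `/* LUID matches the Windows value for this privilege */` on that line would stop a later cleanup from renumbering it. Listing the privilege here presumably also makes it grantable through the existing rights tooling, so its holders pass every SEC_FLAG_SYSTEM_SECURITY check this commit enables; that deserves a mention in the user-facing documentation.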
diff --git a/source3/lib/util_seaccess.c b/source3/lib/util_seaccess.c
index b81db43..a8b6ca5 100644
--- a/source3/lib/util_seaccess.c
+++ b/source3/lib/util_seaccess.c
@@ -179,17 +179,13 @@ NTSTATUS se_access_check(const struct security_descriptor *sd,
 			bits_remaining));
 	}
 
-#if 0
-	/* We need to support SeSecurityPrivilege for this. */
-
 	if (access_desired & SEC_FLAG_SYSTEM_SECURITY) {
-		if (user_has_privileges(token, &sec_security)) {
+		if (user_has_privileges(token, &se_security)) {
 			bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY;
 		} else {
 			return NT_STATUS_PRIVILEGE_NOT_HELD;
 		}
 	}
-#endif
 
 	/* a NULL dacl allows access */
 	if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
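Review bot: The re-enabled branch in se_access_check returns NT_STATUS_PRIVILEGE_NOT_HELD without a DEBUG line, whereas the same refusal in both open.c hunks logs at level 10; the new NT_STATUS_ACCESS_DENIED returns in smbd_do_query_security_desc (nttrans.c) are silent as well. A refused request for SACL access is something an administrator will want to find in the log, so a line such as `DEBUG(10, ("se_access_check: SEC_FLAG_SYSTEM_SECURITY requested without SeSecurityPrivilege\n"));` before the return would help. The removed comment was also the only explanation of this block; `/* SEC_FLAG_SYSTEM_SECURITY is granted by privilege, not by the DACL. */` would replace it. The function starts and ends outside the hunk.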
diff --git a/source3/smbd/nttrans.c b/source3/smbd/nttrans.c
index f0b6eb2..efa1e8b 100644
--- a/source3/smbd/nttrans.c
+++ b/source3/smbd/nttrans.c
@@ -1836,6 +1836,16 @@ NTSTATUS smbd_do_query_security_desc(connection_struct *conn,
 	 * Get the permissions to return.
 	 */
 
+	if ((security_info_wanted & SECINFO_SACL) &&
+			!(fsp->access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
+	if ((security_info_wanted & (SECINFO_DACL|SECINFO_OWNER|SECINFO_GROUP)) &&
+			!(fsp->access_mask & SEC_STD_READ_CONTROL)) {
+		return NT_STATUS_ACCESS_DENIED;
+	}
+
 	if (!lp_nt_acl_support(SNUM(conn))) {
 		status = get_null_nt_acl(mem_ctx, &psd);
 	} else {
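Review bot: The two new tests cover only SECINFO_SACL, SECINFO_DACL, SECINFO_OWNER and SECINFO_GROUP, so any other bit set in `security_info_wanted` reaches the ACL fetch with no check against the handle's rights; if further bits are defined, decide explicitly whether they need SEC_STD_READ_CONTROL or should be masked off. The checks also sit directly under the existing comment "Get the permissions to return.", which now describes code two blocks further down. A comment of their own, e.g. `/* SACL needs SEC_FLAG_SYSTEM_SECURITY on the handle; owner, group and DACL need SEC_STD_READ_CONTROL. */`, would make the rule readable at a glance. The function body continues outside the hunk.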
diff --git a/source3/smbd/open.c b/source3/smbd/open.c
index 413bc6c..6f88ba8 100644
--- a/source3/smbd/open.c
+++ b/source3/smbd/open.c
@@ -2503,8 +2503,8 @@ static NTSTATUS open_directory(connection_struct *conn,
 		return status;
 	}
 
-	/* We need to support SeSecurityPrivilege for this. */
-	if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
+	if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
+			!user_has_privileges(get_current_nttok(conn), &se_security)) {
 		DEBUG(10, ("open_directory: open on %s "
 			"failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
 			smb_fname_str_dbg(smb_dname)));
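Review bot: The test `(access_mask & SEC_FLAG_SYSTEM_SECURITY) && !user_has_privileges(get_current_nttok(conn), &se_security)` is now written out here and again in create_file_unixpath in the next hunk, each with its own copy of the DEBUG text. A small static helper in open.c would keep the two call sites from drifting apart the next time the rule changes. The helper name and the `uint32_t` parameter type below are only suggestions, and the `if` body continues past the end of the hunk.

```c
/* True unless SEC_FLAG_SYSTEM_SECURITY is requested without SeSecurityPrivilege. */
static bool system_security_allowed(connection_struct *conn,
				    uint32_t access_mask)
{
	if (!(access_mask & SEC_FLAG_SYSTEM_SECURITY)) {
		return true;
	}
	return user_has_privileges(get_current_nttok(conn), &se_security);
}

	if (!system_security_allowed(conn, access_mask)) {
		/* … unchanged: DEBUG(10, ...) and the denial that follows … */
```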
@@ -3018,29 +3018,14 @@ static NTSTATUS create_file_unixpath(connection_struct *conn,
 		goto fail;
 	}
 
-#if 0
-	/* We need to support SeSecurityPrivilege for this. */
 	if ((access_mask & SEC_FLAG_SYSTEM_SECURITY) &&
-	    !user_has_privileges(current_user.nt_user_token,
-				 &se_security)) {
-		status = NT_STATUS_PRIVILEGE_NOT_HELD;
-		goto fail;
-	}
-#else
-	/* We need to support SeSecurityPrivilege for this. */
-	if (access_mask & SEC_FLAG_SYSTEM_SECURITY) {
-		status = NT_STATUS_PRIVILEGE_NOT_HELD;
-		goto fail;
-	}
-	/* Don't allow a SACL set from an NTtrans create until we
-	 * support SeSecurityPrivilege. */
-	if (!VALID_STAT(smb_fname->st) &&
-			lp_nt_acl_support(SNUM(conn)) &&
-			sd && (sd->sacl != NULL)) {
+			!user_has_privileges(get_current_nttok(conn), &se_security)) {
+		DEBUG(10, ("create_file_unixpath:: open on %s "
+			"failed - SEC_FLAG_SYSTEM_SECURITY denied.\n",
+			smb_fname_str_dbg(smb_fname)));
 		status = NT_STATUS_PRIVILEGE_NOT_HELD;
 		goto fail;
 	}
-#endif
 
 	if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
 	    && is_ntfs_stream_smb_fname(smb_fname)
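Review bot: The deleted `#else` branch also refused a create that supplied a security descriptor with a SACL (`sd && (sd->sacl != NULL)` on a file that does not exist yet), and the new code has no counterpart; it looks only at `access_mask`. Unless code outside this hunk checks it, a create carrying a SACL without requesting SEC_FLAG_SYSTEM_SECURITY is no longer refused here, so consider keeping that guard and tying it to the privilege as sketched below. Separately, the DEBUG string reads `create_file_unixpath::` with a doubled colon. create_file_unixpath starts and ends outside the hunk.

```c
	/* … unchanged: SEC_FLAG_SYSTEM_SECURITY privilege check above … */

	/* A SACL supplied at create time needs SeSecurityPrivilege too. */
	if (!VALID_STAT(smb_fname->st) &&
			lp_nt_acl_support(SNUM(conn)) &&
			sd && (sd->sacl != NULL) &&
			!user_has_privileges(get_current_nttok(conn), &se_security)) {
		status = NT_STATUS_PRIVILEGE_NOT_HELD;
		goto fail;
	}
```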


-- 
Samba Shared Repository

