more rpcclient bughunting: PRINTER_ALL_ACCESS vs
MAXIMUM_ALLOWED_ACCESS
Ronan Waide
waider at waider.ie
Tue Mar 4 17:39:25 GMT 2003
Hi folks,
using setdriver in rpcclient wasn't working for me, so I traced
execution and discovered that it uses open_printer_ex with an access
level of MAXIMUM_ALLOWED_ACCESS. This only grants me read access to
the printer when I am in fact a printer admin; changing
MAXIMUM_ALLOWED_ACCESS to PRINTER_ALL_ACCESS makes it work
correctly. I don't think there's a privilege leak issue here as the
open_driver_ex code checks to see if you're root or a printer admin
before granting you admin access.
Cheers,
Waider.
--
That actually holds as a general rule. French folk will often help out
in fluent english after you've stuttered for ten minutes, telling them
you are the son of a fermented potato and would like to wash your
wife's chilblains in some fresh orange juice.
More information about the samba-technical
mailing list