more rpcclient bughunting: PRINTER_ALL_ACCESS vs MAXIMUM_ALLOWED_ACCESS
Tim Potter
tpot at samba.org
Wed Mar 5 05:12:29 GMT 2003
On Tue, Mar 04, 2003 at 05:39:25PM +0000, Ronan Waide wrote:
> using setdriver in rpcclient wasn't working for me, so I traced
> execution and discovered that it uses open_printer_ex with an access
> level of MAXIMUM_ALLOWED_ACCESS. This only grants me read access to
> the printer when I am in fact a printer admin; changing
> MAXIMUM_ALLOWED_ACCESS to PRINTER_ALL_ACCESS makes it work
> correctly. I don't think there's a privilege leak issue here as the
> open_driver_ex code checks to see if you're root or a printer admin
> before granting you admin access.
I've checked in a fix. It's odd that MAXIMUM_ALLOWED_ACCESS doesn't
do what it's supposed to in this case. Are you running the setdriver
against a NT or Samba server?
Tim.
More information about the samba-technical
mailing list