[PATCH] s4: Allow samba4 to honor the SEC_STD_WRITE_OWNER bit
Matthieu Patou
mat at matws.net
Wed Jan 26 01:01:16 MST 2011
If a windows user has this bit set in the NT ACLs he is able to take
ownership of a file which is translated on the posix side has being the
owner too, in order for this to succeed we need to change to root
because most of the time the user who took the ownership from windows
side is not already the owner from posix side.
---
source4/ntvfs/posix/pvfs_acl.c | 3 ++-
1 files changed, 2 insertions(+), 1 deletions(-)
diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c
index 7a3002c..c6c60c2 100644
--- a/source4/ntvfs/posix/pvfs_acl.c
+++ b/source4/ntvfs/posix/pvfs_acl.c
@@ -396,7 +396,8 @@ NTSTATUS pvfs_acl_set(struct pvfs_state *pvfs,
if (security_token_has_privilege(req->session_info->security_token,
SEC_PRIV_RESTORE) ||
security_token_has_privilege(req->session_info->security_token,
- SEC_PRIV_TAKE_OWNERSHIP)) {
+ SEC_PRIV_TAKE_OWNERSHIP) ||
+ access_mask & SEC_STD_WRITE_OWNER) {
void *privs;
privs = root_privileges();
if (fd == -1) {
--
1.7.1
--------------060804020508070506070206--
More information about the samba-technical
mailing list