SEC_PRIV_TAKE_OWNERSHIP not respected in se_access_check in Samba 3.6 (v3-6-test)
Richard Sharpe
realrichardsharpe at gmail.com
Sun Feb 19 11:15:03 MST 2012
Hi,
In libcli/security/access_check.c::se_access_check it seems that there
should be a section like this:
if ((bits_remaining & SEC_RIGHTS_PRIV_BACKUP) &&
security_token_has_privilege(token, SEC_PRIV_BACKUP)) {
bits_remaining &= ~(SEC_RIGHTS_PRIV_BACKUP);
}
+ if ((bits_remaining & SEC_STD_WRITE_OWNER) &&
+ security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
+ bits_remaining &= ~(SEC_STD_WRITE_OWNER);
+ }
+
/* a NULL dacl allows access */
if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) {
*access_granted = access_desired;
return NT_STATUS_OK;
}
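Review bot: the added SEC_PRIV_TAKE_OWNERSHIP block carries no comment saying that it deliberately runs before the DACL is looked at, so a token holding the privilege has SEC_STD_WRITE_OWNER cleared from bits_remaining no matter what the ACEs say. Since this is a privilege-based bypass of the ACL, say so in a short comment above the new if, for example `/* SEC_PRIV_TAKE_OWNERSHIP grants WRITE_OWNER regardless of the DACL */`, the same way the NULL DACL case below it is annotated. The placement also means the bit is cleared ahead of the NULL DACL early return, which sets *access_granted = access_desired; for the non-NULL path, please confirm that the code after this hunk (not visible here) reports the privilege-granted bit in *access_granted rather than only dropping it from bits_remaining. A test covering a token that holds only this privilege and requests SEC_STD_WRITE_OWNER on an object whose DACL does not grant it would pin the intended behaviour down.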
Otherwise, how does a user who has the take ownership privilege do so?
--
Regards,
Richard Sharpe
(What can dispel sorrow? Only Du Kang. --Cao Cao)