share-level permissions and SYSTEM_SECURITY to files and dirs failing even though token has SeSecurityPrivilege
jra at samba.org
Tue May 15 18:11:50 MDT 2012
On Tue, May 15, 2012 at 03:38:37PM -0700, Richard Sharpe wrote:
> in smbd_check_access_rights we first check if the share permissions
> allow the mode of access. This fails of the caller asked for
> SYSTEM_SECURITY and no further check is made.
> However, if the logged in user's token contains SeSecurityPrivilege
> and rejected_share_access was only SYSTEM_SECURITY, then I believe
> that the requested operation should be allowed to continue to further
> What say ye?
Errrr. Yeah. Sounds about right to me :-).
More information about the samba-technical