| commit | 369c52cc8c3042dab5b60c25c03218a761ffd3ef | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 12:33:49 +0000 (8 14:33 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 14:58:47 +0000 (8 16:58 +0200) | ||
| tree | 4c8ee0fbadb07aa62e21f96a38b91f108ad6e953 | treesnapshot (tar.gz zip) |
| parent | 891e677a97f90383803cd6203515ec9a98b1a430 | commitdiff |
s3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug#2346)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
| source3/smbd/posix_acls.c | diffblobblamehistory |