From 83c6e9d3ad76e8009778e5ba0bf22e256d06ad48 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 4 Jul 2011 18:35:21 +0200 Subject: [PATCH] s3: Calculate&store the maximum share access mask Signed-off-by: Stefan Metzmacher (cherry picked from commit 720fa46f9443ccbe471b265f1c2b9cb9782a3c26) --- source3/include/smb.h | 1 + source3/smbd/service.c | 37 +++++++++++++++---------------------- 2 files changed, 16 insertions(+), 22 deletions(-) diff --git a/source3/include/smb.h b/source3/include/smb.h index 3e68a9918fc..3a64af7eeda 100644 --- a/source3/include/smb.h +++ b/source3/include/smb.h @@ -408,6 +408,7 @@ typedef struct connection_struct { bool printer; bool ipc; bool read_only; /* Attributes for the current user of the share. */ + uint32_t share_access; /* Does this filesystem honor sub second timestamps on files and directories when setting time ? */ diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 6c147b26b5b..d88c02c618b 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -853,28 +853,21 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, * */ - { - bool can_write = False; - - can_write = share_access_check( - conn->session_info->security_token, - lp_servicename(snum), FILE_WRITE_DATA, NULL); - - if (!can_write) { - if (!share_access_check( - conn->session_info->security_token, - lp_servicename(snum), FILE_READ_DATA, - NULL)) { - /* No access, read or write. */ - DEBUG(0,("make_connection: connection to %s " - "denied due to security " - "descriptor.\n", - lp_servicename(snum))); - *pstatus = NT_STATUS_ACCESS_DENIED; - goto err_root_exit; - } else { - conn->read_only = True; - } + share_access_check(conn->session_info->security_token, + lp_servicename(snum), MAXIMUM_ALLOWED_ACCESS, + &conn->share_access); + + if ((conn->share_access & FILE_WRITE_DATA) == 0) { + if ((conn->share_access & FILE_READ_DATA) == 0) { + /* No access, read or write. */ + DEBUG(0,("make_connection: connection to %s " + "denied due to security " + "descriptor.\n", + lp_servicename(snum))); + *pstatus = NT_STATUS_ACCESS_DENIED; + goto err_root_exit; + } else { + conn->read_only = True; } } /* Initialise VFS function pointers */ -- 2.11.4.GIT