| commit | 21e4502b54fbf4ae1e79dbf162c4342c537d3600 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 12:33:49 +0000 (8 14:33 +0200) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Tue, 2 Jun 2009 10:41:55 +0000 (2 12:41 +0200) | ||
| tree | 52fae287fe0d3d25b18acb227e7a5c87ba71ae97 | treesnapshot (tar.gz zip) |
| parent | f28e99bc939ab739a35f19675a511319479fe0f3 | commitdiff |
s3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug#2346)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
(cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d)
(cherry picked from commit ef0d72513b5404f176186632aab67d7b87039ba2)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
(cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d)
(cherry picked from commit ef0d72513b5404f176186632aab67d7b87039ba2)
| source/smbd/posix_acls.c | diffblobblamehistory |