| commit | 6526d6716f6ec47af23091b816b5d25b633af1ea | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 12:33:49 +0000 (8 14:33 +0200) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Wed, 10 Jun 2009 14:17:52 +0000 (10 16:17 +0200) | ||
| tree | 7d547ee3764e49e2416ef9c15dca515016c70e1f | treesnapshot (tar.gz zip) |
| parent | 5a40f4b0f63bb756f75690c6f2dc28b46bc1029d | commitdiff |
s3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug#2346)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
(cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
(cherry picked from commit b79eff843be392f3065e912edca1434081d93c44)
(cherry picked from commit cb5c72c0a05a78ff1b86eb02cf5ecd3d7d69623d)
| source/smbd/posix_acls.c | diffblobblamehistory |