| commit | b79eff843be392f3065e912edca1434081d93c44 | |
| author | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 12:33:49 +0000 (8 14:33 +0200) | ||
| committer | Stefan Metzmacher <metze@samba.org> | |
| Fri, 8 May 2009 14:56:46 +0000 (8 16:56 +0200) | ||
| tree | c67c77e97e078f07a3cc375379947bd3c3c37976 | treesnapshot (tar.gz zip) |
| parent | 7d6e4c7e950592112d09f7d98393c41e8097bba8 | commitdiff |
s3:smbd: fix posix acls when setting an ACL without explicit ACE for the owner (bug#2346)
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
The problem of bug #2346 remains for users exported by
winbindd, because create_token_from_username() just fakes
the token when the user is not in the local sam domain. This causes
user_in_group_sid() to give totally wrong results.
In uid_entry_in_group() we need to check if we already
have the full unix token in the current_user struct.
If so we should use the current_user unix token,
instead of doing a very complex user_in_group_sid()
which doesn't give reliable results anyway.
metze
| source3/smbd/posix_acls.c | diffblobblamehistory |