libcli/security: fix handling of deny type ACEs in access_check_max_allowed()

Deny ACEs must always be evaluated against explicitly granted rights from previous ACEs. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13812 Signed-off-by: Ralph Boehme <slow@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> (cherry picked from commit 8d355dd9769e8990ce998b4c9f28977669b43616) Autobuild-User(v4-8-test): Karolin Seeger <kseeger@samba.org> Autobuild-Date(v4-8-test): Mon Mar 11 13:04:13 UTC 2019 on sn-devel-144
author: Ralph Boehme <slow@samba.org> 2019-03-01 18:57:23 +0100
committer: Karolin Seeger <kseeger@samba.org> 2019-03-11 13:04:13 +0000
commit: 29984beafc91ef6f45884adc3a0bd4617acbc0a0 (patch)
tree: c27354a4db0b2659b955175941b1538f6d54ccae /selftest
parent: 05a54f9c0efa7cd1f1e66cec2dc26658d0cce1f2 (diff)
download: samba-29984beafc91ef6f45884adc3a0bd4617acbc0a0.tar.gz
1 files changed, 0 insertions, 4 deletions
diff --git a/selftest/knownfail.d/smb2.acls b/selftest/knownfail.d/smb2.acls
deleted file mode 100644
index b76a3c719ce..00000000000
--- a/selftest/knownfail.d/smb2.acls
+++ /dev/null
@@ -1,4 +0,0 @@
-^samba3.smb2.acls.OWNER-RIGHTS-DENY1\(ad_dc\)
-^samba3.smb2.acls.OWNER-RIGHTS-DENY1\(nt4_dc\)
-^samba3.smb2.acls.DENY1\(ad_dc\)
-^samba3.smb2.acls.DENY1\(nt4_dc\)
author	Ralph Boehme <slow@samba.org>	2019-03-01 18:57:23 +0100
committer	Karolin Seeger <kseeger@samba.org>	2019-03-11 13:04:13 +0000
commit	29984beafc91ef6f45884adc3a0bd4617acbc0a0 (patch)
tree	c27354a4db0b2659b955175941b1538f6d54ccae /selftest
parent	05a54f9c0efa7cd1f1e66cec2dc26658d0cce1f2 (diff)
download	samba-29984beafc91ef6f45884adc3a0bd4617acbc0a0.tar.gz