diff options
| author | Ralph Boehme <slow@samba.org> | 2016-08-26 10:04:53 +0200 |
|---|---|---|
| committer | Ralph Boehme <slow@samba.org> | 2016-08-31 18:41:20 +0200 |
| commit | b72287514cc78c9019db7385af4c9b9d94f60894 (patch) | |
| tree | b421b812d5632c60d469aa09761180efae446441 /source4 | |
| parent | cbe8f0d63b90e4380da35e9f9f5a05d8ccc2058b (diff) | |
| download | samba-b72287514cc78c9019db7385af4c9b9d94f60894.tar.gz | |
vfs_acl_xattr|tdb: enforced settings when ignore system acls=yes
When "ignore system acls" is set to "yes, we need to ensure filesystem
permission always grant access so that when doing our own access checks
we don't run into situations where we grant access but the filesystem
doesn't.
Bug: https://bugzilla.samba.org/show_bug.cgi?id=12181
Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Wed Aug 31 18:41:20 CEST 2016 on sn-devel-144
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/torture/vfs/acl_xattr.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/source4/torture/vfs/acl_xattr.c b/source4/torture/vfs/acl_xattr.c index 7fd10d0dcd1..df4dd299fe0 100644 --- a/source4/torture/vfs/acl_xattr.c +++ b/source4/torture/vfs/acl_xattr.c @@ -169,8 +169,8 @@ static bool test_default_acl_posix(struct torture_context *tctx, exp_sd = security_descriptor_dacl_create( tctx, 0, owner_sid, group_sid, owner_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, SEC_RIGHTS_FILE_ALL, 0, - group_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE, 0, - SID_WORLD, SEC_ACE_TYPE_ACCESS_ALLOWED, SEC_RIGHTS_FILE_READ | SEC_FILE_EXECUTE, 0, + group_sid, SEC_ACE_TYPE_ACCESS_ALLOWED, FILE_GENERIC_READ|FILE_GENERIC_WRITE|FILE_GENERIC_EXECUTE, 0, + SID_WORLD, SEC_ACE_TYPE_ACCESS_ALLOWED, FILE_GENERIC_READ|FILE_GENERIC_WRITE|FILE_GENERIC_EXECUTE, 0, SID_NT_SYSTEM, SEC_ACE_TYPE_ACCESS_ALLOWED, SEC_RIGHTS_FILE_ALL, 0, NULL); |