The branch, master has been updated via 40a6e01 security: ensure the merge of libcli/security doesn't change s3 behaviour via f7ffc12 libcli/security Use static SIDs rather than parsing from strings via a879a46 libcli/auth Merge source4/libcli/security and util_sid.c into the common code via 8b22eef libcli/security Define traditional constants in terms of IDL macros via 949541c libcli/security Move source3/lib/util_seaccess.c into the common code via 353d9bc s4-acl Merge sec_access_check() with se_access_check() from source3/ via 058daa1 s3-acl Use uint32_t for counting the ACEs via a040466 s3-acl Merge source4-supported privileges into se_access_check via 7c6105e s3-util_nttoken.c Also copy the rights_mask when copying a security_token via 170b345 s3-auth Use security_token_debug() from common code via 58cf837 s3-auth use security_token_has_sid() from the common code via deb7c02 s3 Replace is_sid_in_token() with security_token_has_sid() from common code from c41bb6e s4: show samba version in bin/samba -b
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 40a6e019fdb9ed3d736883b7ba349a976f215208 Author: Andrew Tridgell <tri...@samba.org> Date: Thu Oct 14 13:32:17 2010 +1100 security: ensure the merge of libcli/security doesn't change s3 behaviour Jeremy, you put a #if 0 around this logic in this commit: 8344e945 (Jeremy Allison 2008-10-31 10:51:45 -0700 181) is this still needed? Pair-Programmed-With: Andrew Bartlett <abart...@samba.org> Autobuild-User: Andrew Tridgell <tri...@samba.org> Autobuild-Date: Thu Oct 14 03:16:41 UTC 2010 on sn-devel-104 commit f7ffc12e2d43bd2dddb0a29eb778ff69a6b2802d Author: Andrew Bartlett <abart...@samba.org> Date: Tue Sep 21 07:14:38 2010 +1000 libcli/security Use static SIDs rather than parsing from strings This should make the security_token_is_*() calls a little faster. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit a879a4610dac03b814ad40800f408416d250c6be Author: Andrew Bartlett <abart...@samba.org> Date: Sat Sep 18 12:55:31 2010 +1000 libcli/auth Merge source4/libcli/security and util_sid.c into the common code This should ensure we only have one copy of these core functions in the tree. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 8b22eefd252e5d8d787ce3368d54b23d75b00310 Author: Andrew Bartlett <abart...@samba.org> Date: Mon Sep 20 14:48:00 2010 +1000 libcli/security Define traditional constants in terms of IDL macros The source3/ code uses these constants in a lot of places, and it will take time and care to rename them, if that is desired. Linking the macros here will at least allow common code to use the IDL based macros, and preserve a documentary link between the constants (other than just their value) Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 949541cc6f42651344c14dc6f673e72a3e7db947 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Sep 18 11:06:02 2010 +1000 libcli/security Move source3/lib/util_seaccess.c into the common code Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 353d9bc3e42bc051119c205ac981fc819c6877b4 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Sep 18 10:58:10 2010 +1000 s4-acl Merge sec_access_check() with se_access_check() from source3/ Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 058daa1cf5742fc95fc15141bbd5fad96d02dee6 Author: Andrew Bartlett <abart...@samba.org> Date: Sat Sep 18 10:54:37 2010 +1000 s3-acl Use uint32_t for counting the ACEs Signed-off-by: Andrew Tridgell <tri...@samba.org> commit a040466d0d6866f2ede22261fbd90018773b03de Author: Andrew Bartlett <abart...@samba.org> Date: Sat Sep 18 10:29:02 2010 +1000 s3-acl Merge source4-supported privileges into se_access_check This will shortly be the common se_access_check function. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 7c6105ec27612adc712d3afcd3a794b6b7d32d8d Author: Andrew Bartlett <abart...@samba.org> Date: Fri Sep 17 16:23:53 2010 +1000 s3-util_nttoken.c Also copy the rights_mask when copying a security_token These are unused in source3/ code at the moment, but it would be unfortunate if that were to change, and this function not be updated. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 170b345e0c688b178eb37a73a8110dec68a8ae31 Author: Andrew Bartlett <abart...@samba.org> Date: Fri Sep 17 15:31:28 2010 +1000 s3-auth Use security_token_debug() from common code This prints the security token including the privileges as strings instead of just a bitmap. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit 58cf83732a3af2cf2098b1b2108e4b5f36e8fa9e Author: Andrew Bartlett <abart...@samba.org> Date: Fri Sep 17 14:55:56 2010 +1000 s3-auth use security_token_has_sid() from the common code The wrapper call is left here to avoid changing semantics for the NULL parameter case. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> commit deb7c0243663d3fa435531bad77d2897b1d15285 Author: Andrew Bartlett <abart...@samba.org> Date: Fri Sep 17 13:08:59 2010 +1000 s3 Replace is_sid_in_token() with security_token_has_sid() from common code The two routines are identical, so there is no need to keep both. Andrew Bartlett Signed-off-by: Andrew Tridgell <tri...@samba.org> ----------------------------------------------------------------------- Summary of changes: {source4/libcli => libcli}/security/access_check.c | 149 ++++++++-- libcli/security/access_check.h | 78 +++++ .../libcli => libcli}/security/create_descriptor.c | 0 libcli/security/dom_sid.c | 4 +- libcli/security/dom_sid.h | 51 +++ {source4/libcli => libcli}/security/object_tree.c | 0 libcli/security/security.h | 69 ++++- libcli/security/security_descriptor.h | 13 + libcli/security/security_token.c | 10 +- {source3/lib => libcli/security}/util_sid.c | 268 +++------------- libcli/security/wscript_build | 4 +- libgpo/gpo_ldap.c | 2 +- nsswitch/wscript_build | 2 +- source3/Makefile.in | 6 +- source3/auth/auth_util.c | 2 +- source3/auth/token_util.c | 37 +-- source3/include/proto.h | 28 -- source3/include/smb.h | 91 ------ source3/lib/util_nttoken.c | 4 + source3/lib/util_seaccess.c | 247 --------------- source3/lib/util_sid.c | 325 +------------------- source3/rpc_server/srv_samr_nt.c | 6 +- source3/rpc_server/srv_wkssvc_nt.c | 6 +- source3/smbd/sec_ctx.c | 3 +- source3/utils/net_proto.h | 1 - source3/utils/net_rpc.c | 2 +- source3/winbindd/winbindd_pam.c | 2 +- source3/winbindd/winbindd_proto.h | 1 - source3/winbindd/winbindd_util.c | 2 +- source4/lib/policy/gp_ldap.c | 2 +- source4/libcli/raw/smb.h | 13 - source4/libcli/security/wscript_build | 8 +- source4/ntvfs/posix/pvfs_acl.c | 2 +- source4/rpc_server/srvsvc/dcesrv_srvsvc.c | 2 +- source4/torture/rpc/lsa.c | 17 - source4/torture/rpc/lsa_lookup.c | 17 - 36 files changed, 419 insertions(+), 1055 deletions(-) rename {source4/libcli => libcli}/security/access_check.c (74%) create mode 100644 libcli/security/access_check.h rename {source4/libcli => libcli}/security/create_descriptor.c (100%) rename {source4/libcli => libcli}/security/object_tree.c (100%) copy {source3/lib => libcli/security}/util_sid.c (62%) delete mode 100644 source3/lib/util_seaccess.c Changeset truncated at 500 lines: diff --git a/source4/libcli/security/access_check.c b/libcli/security/access_check.c similarity index 74% rename from source4/libcli/security/access_check.c rename to libcli/security/access_check.c index e8b8ee8..35ee057 100644 --- a/source4/libcli/security/access_check.c +++ b/libcli/security/access_check.c @@ -1,9 +1,11 @@ /* Unix SMB/CIFS implementation. - security access checking routines - Copyright (C) Andrew Tridgell 2004 + Copyright (C) Gerald Carter 2005 + Copyright (C) Volker Lendecke 2007 + Copyright (C) Jeremy Allison 2008 + Copyright (C) Andrew Bartlett 2010 This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -22,15 +24,93 @@ #include "includes.h" #include "libcli/security/security.h" +/* Map generic access rights to object specific rights. This technique is + used to give meaning to assigning read, write, execute and all access to + objects. Each type of object has its own mapping of generic to object + specific access rights. */ + +void se_map_generic(uint32_t *access_mask, const struct generic_mapping *mapping) +{ + uint32_t old_mask = *access_mask; + + if (*access_mask & GENERIC_READ_ACCESS) { + *access_mask &= ~GENERIC_READ_ACCESS; + *access_mask |= mapping->generic_read; + } + + if (*access_mask & GENERIC_WRITE_ACCESS) { + *access_mask &= ~GENERIC_WRITE_ACCESS; + *access_mask |= mapping->generic_write; + } + + if (*access_mask & GENERIC_EXECUTE_ACCESS) { + *access_mask &= ~GENERIC_EXECUTE_ACCESS; + *access_mask |= mapping->generic_execute; + } + + if (*access_mask & GENERIC_ALL_ACCESS) { + *access_mask &= ~GENERIC_ALL_ACCESS; + *access_mask |= mapping->generic_all; + } + + if (old_mask != *access_mask) { + DEBUG(10, ("se_map_generic(): mapped mask 0x%08x to 0x%08x\n", + old_mask, *access_mask)); + } +} + +/* Map generic access rights to object specific rights for all the ACE's + * in a security_acl. + */ + +void security_acl_map_generic(struct security_acl *sa, + const struct generic_mapping *mapping) +{ + unsigned int i; + + if (!sa) { + return; + } + + for (i = 0; i < sa->num_aces; i++) { + se_map_generic(&sa->aces[i].access_mask, mapping); + } +} + +/* Map standard access rights to object specific rights. This technique is + used to give meaning to assigning read, write, execute and all access to + objects. Each type of object has its own mapping of standard to object + specific access rights. */ + +void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mapping) +{ + uint32_t old_mask = *access_mask; + + if (*access_mask & SEC_STD_READ_CONTROL) { + *access_mask &= ~SEC_STD_READ_CONTROL; + *access_mask |= mapping->std_read; + } + + if (*access_mask & (SEC_STD_DELETE|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_STD_SYNCHRONIZE)) { + *access_mask &= ~(SEC_STD_DELETE|SEC_STD_WRITE_DAC|SEC_STD_WRITE_OWNER|SEC_STD_SYNCHRONIZE); + *access_mask |= mapping->std_all; + } + + if (old_mask != *access_mask) { + DEBUG(10, ("se_map_standard(): mapped mask 0x%08x to 0x%08x\n", + old_mask, *access_mask)); + } +} + /* perform a SEC_FLAG_MAXIMUM_ALLOWED access check */ -static uint32_t access_check_max_allowed(const struct security_descriptor *sd, - const struct security_token *token) +static uint32_t access_check_max_allowed(const struct security_descriptor *sd, + const struct security_token *token) { uint32_t denied = 0, granted = 0; - uint32_t i; - + unsigned i; + if (security_token_has_sid(token, sd->owner_sid)) { granted |= SEC_STD_WRITE_DAC | SEC_STD_READ_CONTROL | SEC_STD_DELETE; } else if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) { @@ -40,7 +120,7 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, if (sd->dacl == NULL) { return granted & ~denied; } - + for (i = 0;i<sd->dacl->num_aces; i++) { struct security_ace *ace = &sd->dacl->aces[i]; @@ -68,25 +148,12 @@ static uint32_t access_check_max_allowed(const struct security_descriptor *sd, return granted & ~denied; } -static const struct GUID *get_ace_object_type(struct security_ace *ace) -{ - struct GUID *type; - - if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) - type = &ace->object.object.type.type; - else if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) - type = &ace->object.object.inherited_type.inherited_type; /* This doesn't look right. Is something wrong with the IDL? */ - else - type = NULL; - - return type; - -} - /* - the main entry point for access checking. + The main entry point for access checking. If returning ACCESS_DENIED + this function returns the denied bits in the uint32_t pointed + to by the access_granted pointer. */ -NTSTATUS sec_access_check(const struct security_descriptor *sd, +NTSTATUS se_access_check(const struct security_descriptor *sd, const struct security_token *token, uint32_t access_desired, uint32_t *access_granted) @@ -99,12 +166,23 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd, /* handle the maximum allowed flag */ if (access_desired & SEC_FLAG_MAXIMUM_ALLOWED) { + uint32_t orig_access_desired = access_desired; + access_desired |= access_check_max_allowed(sd, token); access_desired &= ~SEC_FLAG_MAXIMUM_ALLOWED; *access_granted = access_desired; bits_remaining = access_desired & ~SEC_STD_DELETE; + + DEBUG(10,("se_access_check: MAX desired = 0x%x, granted = 0x%x, remaining = 0x%x\n", + orig_access_desired, + *access_granted, + bits_remaining)); } +#if (_SAMBA_BUILD_ >= 4) + /* s3 had this with #if 0 previously. To be sure the merge + doesn't change any behaviour, we have the above #if check + on _SAMBA_BUILD_. */ if (access_desired & SEC_FLAG_SYSTEM_SECURITY) { if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) { bits_remaining &= ~SEC_FLAG_SYSTEM_SECURITY; @@ -112,6 +190,7 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd, return NT_STATUS_PRIVILEGE_NOT_HELD; } } +#endif /* a NULL dacl allows access */ if ((sd->type & SEC_DESC_DACL_PRESENT) && sd->dacl == NULL) { @@ -124,6 +203,10 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd, security_token_has_sid(token, sd->owner_sid)) { bits_remaining &= ~(SEC_STD_WRITE_DAC|SEC_STD_READ_CONTROL|SEC_STD_DELETE); } + if ((bits_remaining & SEC_STD_DELETE) && + (security_token_has_privilege(token, SEC_PRIV_RESTORE))) { + bits_remaining &= ~SEC_STD_DELETE; + } if ((bits_remaining & SEC_RIGHTS_PRIV_RESTORE) && security_token_has_privilege(token, SEC_PRIV_RESTORE)) { bits_remaining &= ~(SEC_RIGHTS_PRIV_RESTORE); @@ -166,12 +249,29 @@ NTSTATUS sec_access_check(const struct security_descriptor *sd, done: if (bits_remaining != 0) { + *access_granted = bits_remaining; return NT_STATUS_ACCESS_DENIED; } return NT_STATUS_OK; } + +static const struct GUID *get_ace_object_type(struct security_ace *ace) +{ + struct GUID *type; + + if (ace->object.object.flags & SEC_ACE_OBJECT_TYPE_PRESENT) + type = &ace->object.object.type.type; + else if (ace->object.object.flags & SEC_ACE_INHERITED_OBJECT_TYPE_PRESENT) + type = &ace->object.object.inherited_type.inherited_type; /* This doesn't look right. Is something wrong with the IDL? */ + else + type = NULL; + + return type; + +} + /* modified access check for the purposes of DS security * Lots of code duplication, it will ve united in just one * function eventually */ @@ -299,4 +399,3 @@ done: return NT_STATUS_OK; } - diff --git a/libcli/security/access_check.h b/libcli/security/access_check.h new file mode 100644 index 0000000..700f981 --- /dev/null +++ b/libcli/security/access_check.h @@ -0,0 +1,78 @@ +/* + Unix SMB/CIFS implementation. + + Copyright (C) Andrew Tridgell 2004 + Copyright (C) Gerald Carter 2005 + Copyright (C) Volker Lendecke 2007 + Copyright (C) Jeremy Allison 2008 + Copyright (C) Andrew Bartlett 2010 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see <http://www.gnu.org/licenses/>. +*/ + +#include "librpc/gen_ndr/security.h" + +/* Map generic access rights to object specific rights. This technique is + used to give meaning to assigning read, write, execute and all access to + objects. Each type of object has its own mapping of generic to object + specific access rights. */ + +void se_map_generic(uint32_t *access_mask, const struct generic_mapping *mapping); + +/* Map generic access rights to object specific rights for all the ACE's + * in a security_acl. + */ +void security_acl_map_generic(struct security_acl *sa, + const struct generic_mapping *mapping); + +/* Map standard access rights to object specific rights. This technique is + used to give meaning to assigning read, write, execute and all access to + objects. Each type of object has its own mapping of standard to object + specific access rights. */ +void se_map_standard(uint32_t *access_mask, const struct standard_mapping *mapping); + +/* + The main entry point for access checking. If returning ACCESS_DENIED + this function returns the denied bits in the uint32_t pointed + to by the access_granted pointer. +*/ +NTSTATUS se_access_check(const struct security_descriptor *sd, + const struct security_token *token, + uint32_t access_desired, + uint32_t *access_granted); + +/* modified access check for the purposes of DS security + * Lots of code duplication, it will ve united in just one + * function eventually */ + +NTSTATUS sec_access_check_ds(const struct security_descriptor *sd, + const struct security_token *token, + uint32_t access_desired, + uint32_t *access_granted, + struct object_tree *tree, + struct dom_sid *replace_sid); + +bool insert_in_object_tree(TALLOC_CTX *mem_ctx, + const struct GUID *guid, + uint32_t init_access, + struct object_tree **root, + struct object_tree **new_node); + +/* search by GUID */ +struct object_tree *get_object_tree_by_GUID(struct object_tree *root, + const struct GUID *guid); + +/* Change the granted access per each ACE */ +void object_tree_modify_access(struct object_tree *root, + uint32_t access); diff --git a/source4/libcli/security/create_descriptor.c b/libcli/security/create_descriptor.c similarity index 100% rename from source4/libcli/security/create_descriptor.c rename to libcli/security/create_descriptor.c diff --git a/libcli/security/dom_sid.c b/libcli/security/dom_sid.c index f94d952..217d7bb 100644 --- a/libcli/security/dom_sid.c +++ b/libcli/security/dom_sid.c @@ -28,8 +28,8 @@ Compare the auth portion of two sids. *****************************************************************/ -static int dom_sid_compare_auth(const struct dom_sid *sid1, - const struct dom_sid *sid2) +int dom_sid_compare_auth(const struct dom_sid *sid1, + const struct dom_sid *sid2) { int i; diff --git a/libcli/security/dom_sid.h b/libcli/security/dom_sid.h index ac8669d..3d1161f 100644 --- a/libcli/security/dom_sid.h +++ b/libcli/security/dom_sid.h @@ -25,10 +25,41 @@ #include "librpc/gen_ndr/security.h" +/* Some well-known SIDs */ +extern const struct dom_sid global_sid_World_Domain; +extern const struct dom_sid global_sid_World; +extern const struct dom_sid global_sid_Creator_Owner_Domain; +extern const struct dom_sid global_sid_NT_Authority; +extern const struct dom_sid global_sid_Enterprise_DCs; +extern const struct dom_sid global_sid_System; +extern const struct dom_sid global_sid_NULL; +extern const struct dom_sid global_sid_Authenticated_Users; +extern const struct dom_sid global_sid_Network; +extern const struct dom_sid global_sid_Creator_Owner; +extern const struct dom_sid global_sid_Creator_Group; +extern const struct dom_sid global_sid_Anonymous; +extern const struct dom_sid global_sid_Builtin; +extern const struct dom_sid global_sid_Builtin_Administrators; +extern const struct dom_sid global_sid_Builtin_Users; +extern const struct dom_sid global_sid_Builtin_Guests; +extern const struct dom_sid global_sid_Builtin_Power_Users; +extern const struct dom_sid global_sid_Builtin_Account_Operators; +extern const struct dom_sid global_sid_Builtin_Server_Operators; +extern const struct dom_sid global_sid_Builtin_Print_Operators; +extern const struct dom_sid global_sid_Builtin_Backup_Operators; +extern const struct dom_sid global_sid_Builtin_Replicator; +extern const struct dom_sid global_sid_Builtin_PreWin2kAccess; +extern const struct dom_sid global_sid_Unix_Users; +extern const struct dom_sid global_sid_Unix_Groups; + +int dom_sid_compare_auth(const struct dom_sid *sid1, + const struct dom_sid *sid2); int dom_sid_compare(const struct dom_sid *sid1, const struct dom_sid *sid2); int dom_sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2); bool dom_sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2); +bool sid_append_rid(struct dom_sid *sid, uint32_t rid); +bool string_to_sid(struct dom_sid *sidout, const char *sidstr); bool dom_sid_parse(const char *sidstr, struct dom_sid *ret); struct dom_sid *dom_sid_parse_talloc(TALLOC_CTX *mem_ctx, const char *sidstr); struct dom_sid *dom_sid_parse_length(TALLOC_CTX *mem_ctx, const DATA_BLOB *sid); @@ -42,5 +73,25 @@ bool dom_sid_in_domain(const struct dom_sid *domain_sid, const struct dom_sid *sid); char *dom_sid_string(TALLOC_CTX *mem_ctx, const struct dom_sid *sid); + +const char *sid_type_lookup(uint32_t sid_type); +const struct security_token *get_system_token(void); +bool sid_compose(struct dom_sid *dst, const struct dom_sid *domain_sid, uint32_t rid); +bool sid_split_rid(struct dom_sid *sid, uint32_t *rid); +bool sid_peek_rid(const struct dom_sid *sid, uint32_t *rid); +bool sid_peek_check_rid(const struct dom_sid *exp_dom_sid, const struct dom_sid *sid, uint32_t *rid); +void sid_copy(struct dom_sid *dst, const struct dom_sid *src); +bool sid_parse(const char *inbuf, size_t len, struct dom_sid *sid); +int sid_compare_domain(const struct dom_sid *sid1, const struct dom_sid *sid2); +bool sid_equal(const struct dom_sid *sid1, const struct dom_sid *sid2); +NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, + struct dom_sid **sids, uint32_t *num); +NTSTATUS add_sid_to_array_unique(TALLOC_CTX *mem_ctx, const struct dom_sid *sid, + struct dom_sid **sids, uint32_t *num_sids); +void del_sid_from_array(const struct dom_sid *sid, struct dom_sid **sids, size_t *num); +bool add_rid_to_array_unique(TALLOC_CTX *mem_ctx, + uint32_t rid, uint32_t **pp_rids, size_t *p_num); +bool is_null_sid(const struct dom_sid *sid); + #endif /*_DOM_SID_H_*/ diff --git a/source4/libcli/security/object_tree.c b/libcli/security/object_tree.c similarity index 100% rename from source4/libcli/security/object_tree.c rename to libcli/security/object_tree.c diff --git a/libcli/security/security.h b/libcli/security/security.h index 8018bee..39ae3ec 100644 --- a/libcli/security/security.h +++ b/libcli/security/security.h @@ -25,6 +25,70 @@ #define PRIMARY_USER_SID_INDEX 0 #define PRIMARY_GROUP_SID_INDEX 1 +/* File Specific access rights */ +#define FILE_READ_DATA SEC_FILE_READ_DATA +#define FILE_WRITE_DATA SEC_FILE_WRITE_DATA +#define FILE_APPEND_DATA SEC_FILE_APPEND_DATA +#define FILE_READ_EA SEC_FILE_READ_EA /* File and directory */ +#define FILE_WRITE_EA SEC_FILE_WRITE_EA /* File and directory */ +#define FILE_EXECUTE SEC_FILE_EXECUTE +#define FILE_READ_ATTRIBUTES SEC_FILE_READ_ATTRIBUTE +#define FILE_WRITE_ATTRIBUTES SEC_FILE_WRITE_ATTRIBUTE + +#define FILE_ALL_ACCESS SEC_FILE_ALL + +/* Directory specific access rights */ +#define FILE_LIST_DIRECTORY SEC_DIR_LIST +#define FILE_ADD_FILE SEC_DIR_ADD_FILE +#define FILE_ADD_SUBDIRECTORY SEC_DIR_ADD_SUBDIR +#define FILE_TRAVERSE SEC_DIR_TRAVERSE +#define FILE_DELETE_CHILD SEC_DIR_DELETE_CHILD + +/* Generic access masks & rights. */ +#define DELETE_ACCESS SEC_STD_DELETE /* (1L<<16) */ +#define READ_CONTROL_ACCESS SEC_STD_READ_CONTROL /* (1L<<17) */ +#define WRITE_DAC_ACCESS SEC_STD_WRITE_DAC /* (1L<<18) */ +#define WRITE_OWNER_ACCESS SEC_STD_WRITE_OWNER /* (1L<<19) */ +#define SYNCHRONIZE_ACCESS SEC_STD_SYNCHRONIZE /* (1L<<20) */ + +#define SYSTEM_SECURITY_ACCESS SEC_FLAG_SYSTEM_SECURITY /* (1L<<24) */ +#define MAXIMUM_ALLOWED_ACCESS SEC_FLAG_MAXIMUM_ALLOWED /* (1L<<25) */ +#define GENERIC_ALL_ACCESS SEC_GENERIC_ALL /* (1<<28) */ +#define GENERIC_EXECUTE_ACCESS SEC_GENERIC_EXECUTE /* (1<<29) */ +#define GENERIC_WRITE_ACCESS SEC_GENERIC_WRITE /* (1<<30) */ +#define GENERIC_READ_ACCESS ((unsigned)SEC_GENERIC_READ) /* (((unsigned)1)<<31) */ + +/* Mapping of generic access rights for files to specific rights. */ + +/* This maps to 0x1F01FF */ +#define FILE_GENERIC_ALL (STANDARD_RIGHTS_REQUIRED_ACCESS|\ + SEC_STD_SYNCHRONIZE|\ + FILE_ALL_ACCESS) + +/* This maps to 0x120089 */ +#define FILE_GENERIC_READ (STANDARD_RIGHTS_READ_ACCESS|\ + FILE_READ_DATA|\ + FILE_READ_ATTRIBUTES|\ + FILE_READ_EA|\ + SYNCHRONIZE_ACCESS) + +/* This maps to 0x120116 */ +#define FILE_GENERIC_WRITE (SEC_STD_READ_CONTROL|\ + FILE_WRITE_DATA|\ + FILE_WRITE_ATTRIBUTES|\ + FILE_WRITE_EA|\ + FILE_APPEND_DATA|\ + SYNCHRONIZE_ACCESS) + +#define FILE_GENERIC_EXECUTE (STANDARD_RIGHTS_EXECUTE_ACCESS|\ + FILE_READ_ATTRIBUTES|\ + FILE_EXECUTE|\ + SYNCHRONIZE_ACCESS) + +/* Share specific rights. */ +#define SHARE_ALL_ACCESS FILE_GENERIC_ALL +#define SHARE_READ_ONLY (FILE_GENERIC_READ|FILE_EXECUTE) + struct object_tree { uint32_t remaining_access; struct GUID guid; @@ -40,9 +104,6 @@ struct object_tree { #include "libcli/security/security_token.h" #include "libcli/security/sddl.h" #include "libcli/security/privileges.h" - -#if _SAMBA_BUILD_ >= 4 -#include "libcli/security/proto.h" -#endif +#include "libcli/security/access_check.h" -- Samba Shared Repository