tags 520284 patch thanks Quoting Steve Langasek ([email protected]): > close 520284 2:3.3.2-1 > tags 520284 lenny > thanks > > On Wed, Mar 18, 2009 at 05:45:28PM +0100, root wrote: > > Package: samba > > Version: 2:3.2.5-4 > > Severity: important > > > can u please apply the patch for samba 3.3 descriped by bug report #6160 > > for the samba version 3.2.5 in lenny. i run in the same error with lenny. > > Marking as a candidate for lenny.
Upstream patch attached (it applies on 3.2.5).
diff --git a/source/smbd/open.c b/source/smbd/open.c
index d2f85ce..c89a5f6 100644
--- a/source/smbd/open.c
+++ b/source/smbd/open.c
@@ -2391,6 +2391,14 @@ NTSTATUS open_directory(connection_struct *conn,
return status;
}
+ /* We need to support SeSecurityPrivilege for this. */
+ if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+ DEBUG(10, ("open_directory: open on %s "
+ "failed - SEC_RIGHT_SYSTEM_SECURITY denied.\n",
+ fname));
+ return NT_STATUS_PRIVILEGE_NOT_HELD;
+ }
+
switch( create_disposition ) {
case FILE_OPEN:
@@ -2924,6 +2932,20 @@ NTSTATUS create_file_unixpath(connection_struct *conn,
status = NT_STATUS_PRIVILEGE_NOT_HELD;
goto fail;
}
+#else
+ /* We need to support SeSecurityPrivilege for this. */
+ if (access_mask & SEC_RIGHT_SYSTEM_SECURITY) {
+ status = NT_STATUS_PRIVILEGE_NOT_HELD;
+ goto fail;
+ }
+ /* Don't allow a SACL set from an NTtrans create until we
+ * support SeSecurityPrivilege. */
+ if (!VALID_STAT(sbuf) &&
+ lp_nt_acl_support(SNUM(conn)) &&
+ sd && (sd->sacl != NULL)) {
+ status = NT_STATUS_PRIVILEGE_NOT_HELD;
+ goto fail;
+ }
#endif
if ((conn->fs_capabilities & FILE_NAMED_STREAMS)
signature.asc
Description: Digital signature
