The branch, master has been updated
via 2b784738d7ce444fb63e2cac91ad2e220cc6e551 (commit)
from 4027fde97c0f7fdc7b5c157c82d5563de6f47be2 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 2b784738d7ce444fb63e2cac91ad2e220cc6e551
Author: Jeremy Allison <[email protected]>
Date: Fri May 15 13:13:01 2009 -0700
DeleteUser doesn't need the priv checks, this is done at OpenUser time.
Jeremy.
-----------------------------------------------------------------------
Summary of changes:
source3/rpc_server/srv_samr_nt.c | 20 --------------------
1 files changed, 0 insertions(+), 20 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 7e55282..8b1a90a 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -5499,8 +5499,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p,
struct samr_user_info *uinfo;
NTSTATUS status;
struct samu *sam_pass=NULL;
- bool can_del_accounts = false;
- uint32 acb_info = 0;
bool ret;
DEBUG(5, ("_samr_DeleteUser: %d\n", __LINE__));
@@ -5524,24 +5522,6 @@ NTSTATUS _samr_DeleteUser(pipes_struct *p,
ret = pdb_getsampwsid(sam_pass, &uinfo->sid);
unbecome_root();
- if (ret) {
- acb_info = pdb_get_acct_ctrl(sam_pass);
- }
-
- /* For machine accounts it's the SeMachineAccountPrivilege that counts.
*/
- if (geteuid() == sec_initial_uid()) {
- can_del_accounts = true;
- } else if (acb_info & ACB_WSTRUST) {
- can_del_accounts = user_has_privileges( p->server_info->ptok,
&se_machine_account );
- } else {
- can_del_accounts = user_has_privileges( p->server_info->ptok,
&se_add_users );
- }
-
- if (!can_del_accounts) {
- TALLOC_FREE(sam_pass);
- return NT_STATUS_ACCESS_DENIED;
- }
-
if(!ret) {
DEBUG(5,("_samr_DeleteUser: User %s doesn't exist.\n",
sid_string_dbg(&uinfo->sid)));
--
Samba Shared Repository
