Author: abartlet Date: 2006-01-06 21:04:32 +0000 (Fri, 06 Jan 2006) New Revision: 12746
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12746 Log: An initial version of the kludge_acls module. This should be replaced with real ACLs, which tridge is working on. In the meantime, the rules are very simple: - SYSTEM and Administrators can read all. - Users and anonymous cannot read passwords, can read everything else - list of 'password' attributes is hard-coded Most of the difficult work in this was fighting with the C/js interface to add a system_session() all, as it still doesn't get on with me :-) Andrew Bartlett Added: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/kludge_acl.c Modified: branches/SAMBA_4_0/source/dsdb/samdb/ldb_modules/config.mk branches/SAMBA_4_0/source/lib/ldb/common/ldb_modules.c branches/SAMBA_4_0/source/lib/ldb/common/ldb_msg.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_auth.c branches/SAMBA_4_0/source/scripting/ejs/smbcalls_ldb.c branches/SAMBA_4_0/source/setup/provision branches/SAMBA_4_0/source/setup/provision_init.ldif Changeset: Sorry, the patch is too large (374 lines) to include; please use WebSVN to see it! WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12746