diff options
| author | midipix <writeonce@midipix.org> | 2018-10-20 17:35:52 -0400 |
|---|---|---|
| committer | midipix <writeonce@midipix.org> | 2018-10-20 23:37:39 -0400 |
| commit | 83fba2e37973afb1db7aec144e06d3ee25f7096d (patch) | |
| tree | 13713297437da824533f85c3716d101f0c3872e0 | |
| parent | ca4b1f76d46b8e250839cbe1012a96be20e05efc (diff) | |
| download | ntapi-83fba2e37973afb1db7aec144e06d3ee25f7096d.tar.bz2 ntapi-83fba2e37973afb1db7aec144e06d3ee25f7096d.tar.xz | |
__ntapi_acl_init_common_descriptor(): properly handle system-owned entities.
| -rw-r--r-- | src/acl/ntapi_acl_helper.c | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/acl/ntapi_acl_helper.c b/src/acl/ntapi_acl_helper.c index f2d6b6b..3059cdc 100644 --- a/src/acl/ntapi_acl_helper.c +++ b/src/acl/ntapi_acl_helper.c @@ -79,6 +79,12 @@ void __stdcall __ntapi_acl_init_common_descriptor( (nt_sid *)&sd->owner, owner); + /* is the local system account both the owner and the group? */ + if (!__ntapi->tt_sid_compare(owner,&sid_system)) + if (!__ntapi->tt_sid_compare(group,&sid_system)) + if (system_access == owner_access) + system_access = 0; + /* ace's */ ace = (nt_access_allowed_ace *)&sd->buffer; ace = __acl_ace_init(ace,system_access,&sid_system,&ace_count); |