summaryrefslogtreecommitdiffhomepage
path: root/src/acl
diff options
context:
space:
mode:
authormidipix <writeonce@midipix.org>2018-10-20 17:35:52 -0400
committermidipix <writeonce@midipix.org>2018-10-20 23:37:39 -0400
commit83fba2e37973afb1db7aec144e06d3ee25f7096d (patch)
tree13713297437da824533f85c3716d101f0c3872e0 /src/acl
parentca4b1f76d46b8e250839cbe1012a96be20e05efc (diff)
downloadntapi-83fba2e37973afb1db7aec144e06d3ee25f7096d.tar.bz2
ntapi-83fba2e37973afb1db7aec144e06d3ee25f7096d.tar.xz
__ntapi_acl_init_common_descriptor(): properly handle system-owned entities.
Diffstat (limited to 'src/acl')
-rw-r--r--src/acl/ntapi_acl_helper.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/acl/ntapi_acl_helper.c b/src/acl/ntapi_acl_helper.c
index f2d6b6b..3059cdc 100644
--- a/src/acl/ntapi_acl_helper.c
+++ b/src/acl/ntapi_acl_helper.c
@@ -79,6 +79,12 @@ void __stdcall __ntapi_acl_init_common_descriptor(
(nt_sid *)&sd->owner,
owner);
+ /* is the local system account both the owner and the group? */
+ if (!__ntapi->tt_sid_compare(owner,&sid_system))
+ if (!__ntapi->tt_sid_compare(group,&sid_system))
+ if (system_access == owner_access)
+ system_access = 0;
+
/* ace's */
ace = (nt_access_allowed_ace *)&sd->buffer;
ace = __acl_ace_init(ace,system_access,&sid_system,&ace_count);