summaryrefslogtreecommitdiffhomepage
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/acl/ntapi_acl_helper.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/src/acl/ntapi_acl_helper.c b/src/acl/ntapi_acl_helper.c
index 455ef1f..c467f23 100644
--- a/src/acl/ntapi_acl_helper.c
+++ b/src/acl/ntapi_acl_helper.c
@@ -87,6 +87,12 @@ void __stdcall __ntapi_acl_init_common_descriptor(
if (system_access == owner_access)
system_access = 0;
+ /* is the built-in administrators group both the owner and the group? */
+ if (!__ntapi->tt_sid_compare(owner,(nt_sid *)&sid_admins))
+ if (!__ntapi->tt_sid_compare(group,(nt_sid *)&sid_admins))
+ if (admin_access == owner_access)
+ admin_access = 0;
+
/* ace's */
ace = (nt_access_allowed_ace *)&sd->buffer;
ace = __acl_ace_init(ace,system_access,&sid_system,ace_flags,&ace_count);