diff options
author | Gordon Ross <gwr@nexenta.com> | 2016-09-01 16:25:53 -0400 |
---|---|---|
committer | Gordon Ross <gwr@nexenta.com> | 2019-05-28 13:34:10 -0400 |
commit | d4c7367e08269b5554f55db1e77ddeb28a011771 (patch) | |
tree | 7085073bc2b0242346a2e4272b729e828f8cbcda /usr/src/lib | |
parent | 0eb1a43f254994988a92928ccf6369af53b62774 (diff) | |
download | illumos-joyent-d4c7367e08269b5554f55db1e77ddeb28a011771.tar.gz |
10981 Can't remove the Domain Admin from the local administrators group
Reviewed by: Dan Fields <dan.fields@nexenta.com>
Reviewed by: Matt Barden <matt.barden@nexenta.com>
Reviewed by: Evan Layton <evan.layton@nexenta.com>
Approved by: Garrett D'Amore <garrett@damore.org>
Diffstat (limited to 'usr/src/lib')
-rw-r--r-- | usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c b/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c index 3cab135341..ebd261b95d 100644 --- a/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c +++ b/usr/src/lib/smbsrv/libsmb/common/smb_lgrp.c @@ -20,9 +20,9 @@ */ /* - * Copyright 2011 Nexenta Systems, Inc. All rights reserved. * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. * Copyright (c) 2013 RackTop Systems. + * Copyright 2016 Nexenta Systems, Inc. All rights reserved. */ #include <stdlib.h> @@ -142,8 +142,12 @@ typedef struct smb_lgmid { uint16_t m_type; } smb_lgmid_t; +/* Buffer size to hold hex form of the above (>24). */ #define SMB_LGRP_MID_HEXSZ 32 +/* Size of idx,rid parts of above, in hex form. */ +#define SMB_LGRP_IDXRID_LEN 16 + /* Member list */ typedef struct smb_lgmlist { uint32_t m_cnt; @@ -2039,6 +2043,10 @@ smb_lgrp_mlist_add(smb_lgmlist_t *in_members, smb_lgmid_t *newm, * memory for out_members by calling free(). * * in_members and out_members are hex strings. + * + * Note that we ignore the SID "type" when matching because + * we always want to delete when the SID part matches. + * The "type" part can be fiction. */ static int smb_lgrp_mlist_del(smb_lgmlist_t *in_members, smb_lgmid_t *mid, @@ -2073,7 +2081,8 @@ smb_lgrp_mlist_del(smb_lgmlist_t *in_members, smb_lgmid_t *mid, in_list = in_members->m_ids; for (i = 0, out_cnt = 0; i < in_members->m_cnt; i++) { - if (strncmp(in_list, mid_hex, mid_hexsz)) { + /* Keep only those NOT matching in IDX,RID */ + if (strncmp(in_list, mid_hex, SMB_LGRP_IDXRID_LEN)) { (void) strncat(out_list, in_list, mid_hexsz); out_cnt++; } |