diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-05 17:47:29 +0000 |
commit | 4f5791ebd03eaec1c7da0865a383175b05102712 (patch) | |
tree | 8ce7b00f7a76baa386372422adebbe64510812d4 /source3/registry/reg_util_token.c | |
parent | Initial commit. (diff) | |
download | samba-4f5791ebd03eaec1c7da0865a383175b05102712.tar.xz samba-4f5791ebd03eaec1c7da0865a383175b05102712.zip |
Adding upstream version 2:4.17.12+dfsg.upstream/2%4.17.12+dfsgupstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'source3/registry/reg_util_token.c')
-rw-r--r-- | source3/registry/reg_util_token.c | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/source3/registry/reg_util_token.c b/source3/registry/reg_util_token.c new file mode 100644 index 0000000..d599b3a --- /dev/null +++ b/source3/registry/reg_util_token.c @@ -0,0 +1,61 @@ +/* + * Unix SMB/CIFS implementation. + * Registry helper routines + * Copyright (C) Michael Adam 2007 + * + * This program is free software; you can redistribute it and/or modify it + * under the terms of the GNU General Public License as published by the Free + * Software Foundation; either version 3 of the License, or (at your option) + * any later version. + * + * This program is distributed in the hope that it will be useful, but WITHOUT + * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or + * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for + * more details. + * + * You should have received a copy of the GNU General Public License along with + * this program; if not, see <http://www.gnu.org/licenses/>. + */ + +#include "includes.h" +#include "reg_util_token.h" +#include "../libcli/security/security.h" + +/* + * create a fake token just with enough rights to + * locally access the registry: + * + * - builtin administrators sid + * - disk operators privilege + */ +NTSTATUS registry_create_admin_token(TALLOC_CTX *mem_ctx, + struct security_token **ptoken) +{ + NTSTATUS status; + struct security_token *token = NULL; + + if (ptoken == NULL) { + return NT_STATUS_INVALID_PARAMETER; + } + + token = talloc_zero(mem_ctx, struct security_token); + if (token == NULL) { + DEBUG(1, ("talloc failed\n")); + status = NT_STATUS_NO_MEMORY; + goto done; + } + security_token_set_privilege(token, SEC_PRIV_DISK_OPERATOR); + + status = add_sid_to_array(token, &global_sid_Builtin_Administrators, + &token->sids, &token->num_sids); + if (!NT_STATUS_IS_OK(status)) { + DEBUG(1, ("Error adding builtin administrators sid " + "to fake token.\n")); + goto done; + } + + *ptoken = token; + +done: + return status; +} |