smbcacls: no need to fetch the sd when changing ownership

Reading the SD may be denied but changing ownership could be allowed. As we don't really need the server SD for the change ownership request, don't fetch it. Signed-off-by: Ralph Boehme <[email protected]> Reviewed-by: Jeremy Allison <[email protected]> Autobuild-User(master): Jeremy Allison <[email protected]> Autobuild-Date(master): Sat Oct 7 00:04:54 CEST 2017 on sn-devel-144
lidan-fnst · Oct 6, 2017 · a826394 · a826394
1 parent fc03049
commit a826394
Showing 1 changed file with 6 additions and 10 deletions.
diff --git a/source3/utils/smbcacls.c b/source3/utils/smbcacls.c
@@ -397,21 +397,17 @@ static int owner_set(struct cli_state *cli, enum chown_mode change_mode,
 			const char *filename, const char *new_username)
 {
 	struct dom_sid sid;
-	struct security_descriptor *sd, *old;
+	struct security_descriptor *sd;
 	size_t sd_size;
 
 	if (!StringToSid(cli, &sid, new_username))
 		return EXIT_PARSE_ERROR;
 
-	old = get_secdesc(cli, filename);
-
-	if (!old) {
-		return EXIT_FAILED;
-	}
-
-	sd = make_sec_desc(talloc_tos(),old->revision, SEC_DESC_SELF_RELATIVE,
-				(change_mode == REQUEST_CHOWN) ? &sid : NULL,
-				(change_mode == REQUEST_CHGRP) ? &sid : NULL,
+	sd = make_sec_desc(talloc_tos(),
+			   SECURITY_DESCRIPTOR_REVISION_1,
+			   SEC_DESC_SELF_RELATIVE,
+			   (change_mode == REQUEST_CHOWN) ? &sid : NULL,
+			   (change_mode == REQUEST_CHGRP) ? &sid : NULL,
 			   NULL, NULL, &sd_size);
 
 	if (!set_secdesc(cli, filename, sd)) {