oysteikt/heimdal
0
0
Fork 0
Code Issues 5 Pull Requests Releases Activity

First, it allows root to ignore the

Browse Source 
naming conventions.  Second, it allows root to always perform any
operation on any ccache.  Note that root could do this anyway with FILE
ccaches

git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@20470 ec53bebd-3082-4978-b11e-865c3cabbd6b
This commit is contained in:
Love Hörnquist Åstrand
2007-04-20 10:41:11 +00:00
parent 4caa3f6d2c
commit b22da5088e
3 changed files with 31 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
kcm/acl.c
View File

@@ -93,12 +93,13 @@ kcm_access(krb5_context context,
mask = 0;
if (client->uid == ccache->uid) {
/* Root may do whatever they like */
if (client->uid == ccache->uid || CLIENT_IS_ROOT(client)) {
if (read_p)
mask |= S_IRUSR;
if (write_p)
mask |= S_IWUSR;
} else if (client->gid == ccache->gid) {
} else if (client->gid == ccache->gid || CLIENT_IS_ROOT(client->uid)) {
if (read_p)
mask |= S_IRGRP;
if (write_p)