From: Jeremy Allison <jra@samba.org>
Date: Mon, 27 Aug 2012 21:15:35 +0000 (-0700)
Subject: SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used anywhere.... 
X-Git-Tag: samba-4.0.0rc1~289
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=69d925d110a23e9f1cf9e6013729eb611b8ab58a;p=thirdparty%2Fsamba.git

SEC_RIGHTS_DIR_PRIV_BACKUP and SEC_RIGHTS_DIR_PRIV_RESTORE aren't used anywhere. Remove (can re-add if needed).

Ensure the privilege rights are always specific rights, not generic.
By the time the privilege rights are examined, we've already mapped
from generic to specific in the access_mask.
---

diff --git a/librpc/idl/security.idl b/librpc/idl/security.idl
index 5973fc52987..33085c4e149 100644
--- a/librpc/idl/security.idl
+++ b/librpc/idl/security.idl
@@ -147,19 +147,18 @@ interface security
 	const int SEC_RIGHTS_DIR_ALL      = SEC_RIGHTS_FILE_ALL;
 
 	/* rights granted by some specific privileges */
-	const int SEC_RIGHTS_PRIV_BACKUP  = SEC_STD_READ_CONTROL | 
+	const int SEC_RIGHTS_PRIV_BACKUP  = SEC_STD_READ_CONTROL |
 					    SEC_FLAG_SYSTEM_SECURITY |
-					    SEC_GENERIC_READ;
-	const int SEC_RIGHTS_DIR_PRIV_BACKUP  = SEC_RIGHTS_PRIV_BACKUP 
-					      | SEC_DIR_TRAVERSE;
+					    SEC_RIGHTS_FILE_READ |
+					    SEC_DIR_TRAVERSE;
 
-	const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC | 
+	const int SEC_RIGHTS_PRIV_RESTORE = SEC_STD_WRITE_DAC |
 					    SEC_STD_WRITE_OWNER |
 					    SEC_FLAG_SYSTEM_SECURITY |
-					    SEC_STD_DELETE;
-	const int SEC_RIGHTS_DIR_PRIV_RESTORE = SEC_RIGHTS_PRIV_RESTORE | 
+					    SEC_RIGHTS_FILE_WRITE |
 					    SEC_DIR_ADD_FILE |
-					    SEC_DIR_ADD_SUBDIR;
+					    SEC_DIR_ADD_SUBDIR |
+					    SEC_STD_DELETE;
 
 	/* combinations of standard masks. */
 	const int STANDARD_RIGHTS_ALL_ACCESS		= SEC_STD_ALL; /* 0x001f0000 */