2 This patch fixes some typos with ACL checking that results
3 in the incorrect name being used for the check.
4 This could lead to security problems with unwanted
5 access by restricted consoles.
6 Apply the patch to 1.36.1 with:
9 patch -p0 <1.36.1-acl.patch
15 Index: src/dird/ua_run.c
16 ===================================================================
17 RCS file: /cvsroot/bacula/bacula/src/dird/ua_run.c,v
18 retrieving revision 1.58
19 diff -u -r1.58 ua_run.c
20 --- src/dird/ua_run.c 8 Nov 2004 21:12:12 -0000 1.58
21 +++ src/dird/ua_run.c 30 Jan 2005 16:41:09 -0000
23 pool = job->pool; /* use default */
27 - } else if (!acl_access_ok(ua, Pool_ACL, store->hdr.name)) {
29 + } else if (!acl_access_ok(ua, Pool_ACL, pool->hdr.name)) {
30 bsendmsg(ua, _("No authorization. Pool \"%s\".\n"),
35 + Dmsg1(200, "Using pool\n", pool->hdr.name);
38 client = (CLIENT *)GetResWithName(R_CLIENT, client_name);
40 client = job->client; /* use default */
44 - } else if (!acl_access_ok(ua, Client_ACL, store->hdr.name)) {
46 + } else if (!acl_access_ok(ua, Client_ACL, client->hdr.name)) {
47 bsendmsg(ua, _("No authorization. Client \"%s\".\n"),
52 + Dmsg1(200, "Using client=%s\n", client->hdr.name);
55 fileset = (FILESET *)GetResWithName(R_FILESET, fileset_name);
57 fileset = job->fileset; /* use default */
61 - } else if (!acl_access_ok(ua, FileSet_ACL, store->hdr.name)) {
63 + } else if (!acl_access_ok(ua, FileSet_ACL, fileset->hdr.name)) {
64 bsendmsg(ua, _("No authorization. FileSet \"%s\".\n"),
70 if (verify_job_name) {