Commit message | Author | Age | Files | Lines
...
* s3: update comment about (deprecated) a6 records | Björn Jacke | 2009-10-01 | 1 | -1/+2
* Fix for CVE-2009-2813. | Jeremy Allison | 2009-10-01 | 2 | -2/+11

    ===========================================================
    == Subject:     Misconfigured /etc/passwd file may share folders unexpectedly
    ==
    == CVE ID#:     CVE-2009-2813
    ==
    == Versions:    All versions of Samba later than 3.0.11
    ==
    == Summary:     If a user in /etc/passwd is misconfigured to have
    ==              an empty home directory then connecting to the home
    ==              share of this user will use the root of the filesystem
    ==              as the home directory.
    ===========================================================

* s3/VERSION: Raise version number up to 3.6.0. | Karolin Seeger | 2009-10-01 | 1 | -1/+1

    Karolin

* Fix for CVE-2009-2906. | Jeremy Allison | 2009-10-01 | 2 | -5/+26

    Summary:
    Specially crafted SMB requests on authenticated SMB connections can send
    smbd into a 100% CPU loop, causing a DoS on the Samba server.

* mount.cifs: don't leak passwords with verbose option | Jeff Layton | 2009-10-01 | 1 | -16/+30

    When running mount.cifs with the --verbose option, it'll print out the
    option string that it passes to the kernel...including the mount
    password if there is one. Print a placeholder string instead to help
    ensure that this info can't be used for nefarious purposes.

    Also, the --verbose option printed the option string before it was
    completely assembled anyway. This patch should also make sure that
    the complete option string is printed out.

    Finally, strndup passwords passed in on the command line to ensure that
    they aren't shown by --verbose as well. Passwords used this way can
    never be truly kept private from other users on the machine of course,
    but it's simple enough to do it this way for completeness sake.

    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>

* mount.cifs: check access of credential files before opening | Jeff Layton | 2009-10-01 | 1 | -0/+11

    It's possible for an unprivileged user to pass a setuid mount.cifs a
    credential or password file to which he does not have access. This can
    cause mount.cifs to open the file on his behalf and possibly leak the
    info in the first few lines of the file.

    Check the access permissions of the file before opening it.

    Reported-by: Ronald Volgers <r.c.volgers@student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton@redhat.com>
    Acked-by: Steve French <sfrench@us.ibm.com>

* s4:pyldb - Wrong error type (found only after the push) | Matthias Dieter Wallnöfer | 2009-10-01 | 1 | -1/+1
* s4:ldb_msg_diff - Fixes up possible memory leaks and the python binding of it | Matthias Dieter Wallnöfer | 2009-10-01 | 2 | -3/+13
* s3-perfcount: more cleanup. | Günther Deschner | 2009-10-01 | 4 | -274/+39

    Guenther

* s3-perfcount: only pass down prs_struct when really required. | Günther Deschner | 2009-10-01 | 2 | -28/+29

    Guenther

* s3: add perfcount idl and generated files. | Günther Deschner | 2009-10-01 | 11 | -99/+917

    Guenther

* s3-registry: move rpccli_winreg_Connect to the only file it belongs. | Günther Deschner | 2009-10-01 | 4 | -69/+42

    Guenther

* s3: remove unused rpcstr_pull and rpcstr_pull_talloc. | Günther Deschner | 2009-10-01 | 2 | -41/+0

    Guenther

* s3-printing: more use of pull_reg_sz(). | Günther Deschner | 2009-10-01 | 1 | -12/+27

    Guenther

* s3-registry: use pull_reg_sz() where appropriate. | Günther Deschner | 2009-10-01 | 7 | -32/+36

    (and move away from rpcstr_pull and rpcstr_pull_talloc).

    Guenther

* s4-tort-drs: Add bind_info for dcerpc_drsuapi_DsBind() call | Kamen Mazdrashki | 2009-10-01 | 2 | -1/+41

    After this patch DsGetNCChanges() test works fine.
    bind_info returned by server is also cached for future use

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* s4-tort-drs: DsReplicaUpdateRefs test fixed and extended | Kamen Mazdrashki | 2009-10-01 | 1 | -37/+50

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* s4-tort: Added assertion macro for DRSUAPI call | Kamen Mazdrashki | 2009-10-01 | 1 | -3/+16

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* allow for outstanding_aio_calls to be decremented | Olaf Flebbe | 2009-09-30 | 1 | -2/+4
* s3-printing: use regval_ctr_addvalue_multi_sz. | Günther Deschner | 2009-09-30 | 1 | -17/+4

    Guenther

* s3-registry: add regval_ctr_addvalue_multi_sz. | Günther Deschner | 2009-09-30 | 2 | -0/+18

    Guenther

* s3: re-run make idl. janitor for tridge. | Günther Deschner | 2009-09-30 | 2 | -2/+2

    Guenther

* s3-rpc_parse: remove unused prs_string. | Günther Deschner | 2009-09-30 | 2 | -45/+0

    Guenther

* s4:torture: data_blob_hex_string() output is now lowercase. | Andrew Kroeger | 2009-09-30 | 2 | -3/+3

    Based on the change in commit fb84edabbe9f358031117de2cf78613c704ac600,
    these tests need to expect lowercase output.

* s4:samba.tests.samdb - remove last relicts of the templates | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -4/+2
* s4:pyldb - Fixed the return value in "py_ldb_msg_diff" | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -2/+0

    The case distinction shouldn't be needed also when "diff" is NULL.
    "PyLdbMessage_FromMessage" works with "NULL" arguments.

* Revert "s4:wmic - Output enhancements" | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -105/+58

    This reverts commit fb914640ad656b146f732ab33063575e2e47e37c.

    Jelmer requested the revert since he feels better when we reapply this
    change after his merge with the updated WMI branch.

* Revert "python: create a script for reorgnizing an LDB file." | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -60/+0

    This reverts commit 11a7842854c0be8c427a2dbf0a8fc3761cda6298.

    abartlet claims that this patch could lead to data loss (look at
    technical mailing list)

* s4:pwsettings - Improve error handling and introduce "choice" type | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -13/+10

    - Improve the error handling according to Jelmer's suggestions
    - Print out the error messages on "stderr"
    - Add also here the "choice" type for arguments

* s4:provision - Lets the user choose between the supported forest/domain function levels | Matthias Dieter Wallnöfer | 2009-09-30 | 2 | -18/+40

    Adds a parameter "--function-level" which allows to specify the domain
    and forest function level.

* s4:provision: Show domains and forests are W2K8 DC capable. | Andrew Kroeger | 2009-09-30 | 2 | -0/+15

    When adding a W2K8 DC to a domain running earlier DC versions, the
    "adprep" utility is used to perform schema updates and update other
    attributes as necessary. Adding these entries provides an indication
    that the adprep utility has been run with the /forestprep, /domainprep
    and /rodcprep arguments.

    Although these entries indicate adprep has been run, nothing has been
    done to verify that the changes that the adprep utility would have made
    have actually been done.

    The values used for the revision attributes are as seen on a W2K8 DC
    (not W2K8 R2, which will probably have higher values).

* s4:provision: Update schema version number to W2K8. | Andrew Kroeger | 2009-09-30 | 1 | -1/+1

    We are running the W2K8 schema version, not the W2K3 version.

* s4:dsdb/common/util - remove introduced "samdb_is_capable_dc" call | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -57/+0

    I came up with a better solution which is invoked when we try to join a
    domain as a DC (in file "libnet_become_dc.c"). Consider a following
    commit for this patch.

* s4:domainlevel - General rework | Matthias Dieter Wallnöfer | 2009-09-30 | 1 | -29/+63

    - We support domain/forest function levels >= (Windows) 2003 Native ->
      adapt the domain/forest and DC function level restrictions.
    - Consider also the lowest function level of a DC. The domain and forest
      function levels can never be higher than it.
    - Improve the error handling by printing out messages to "stderr"
    - Introduce the "choice" type for choice arguments (saves us some error
      handling)

* w32err: Importing auto-generated Win32 errors and descriptions | Kamen Mazdrashki | 2009-09-30 | 2 | -1/+7222

    Error codes and their descriptions are generated using
    w32err_code.py script.

    Errors are downloaded from MS site:
    http://msdn.microsoft.com/en-us/library/cc231199%28PROT.10%29.aspx

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: WERR_GROUP_NOT_FOUND renamed to WERR_GROUPNOTFOUND | Kamen Mazdrashki | 2009-09-30 | 3 | -6/+6

    In Win 32 we have NERR_GroupNotFound which maps to
    WERR_GROUP_NOT_FOUND currently and we have ERROR_GROUP_NOT_FOUND
    which maps to nothing, so it is to be added

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: WERR_USER_EXISTS replace with WERR_USEREXISTS name | Kamen Mazdrashki | 2009-09-30 | 2 | -3/+3

    In Win32 we have NERR_UserExists which maps to WERR_USER_EXISTS
    currently and there is ERROR_USER_EXISTS which maps to
    WERR_USER_ALREADY_EXISTS

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: WERR_DC_NOT_FOUND replaced with WERR_DCNOTFOUND | Kamen Mazdrashki | 2009-09-30 | 3 | -5/+5

    It turns out in win32 ERROR_DC_NOT_FOUND exists and it is an error for
    Device Context (DC), not Domain Controller

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: FRS_ group of errors replaced with numeric values | Kamen Mazdrashki | 2009-09-30 | 1 | -3/+3

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: WERR_DOMAIN_CONTROLLER_NOT_FOUND error value fixed | Kamen Mazdrashki | 2009-09-30 | 1 | -1/+1

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* w32err: Script to fetch and prepare errors to be updated/added | Kamen Mazdrashki | 2009-09-30 | 1 | -0/+361

    Signed-off-by: Anatoliy Atanasov <anatoliy.atanasov@postpath.com>

* idl: ntsvcs.idl depends on misc.idl, not winreg.idl | Andrew Tridgell | 2009-09-30 | 1 | -1/+1

    The winreg_Type definition comes from misc.idl

* s4/torture: fix RAW-OPLOCK-STREAM1 test after commit a11bb14 | Steven Danneman | 2009-09-29 | 1 | -11/+12

    We were pulling junk memory for our stream names after the reordering
    of the struct definition.

* s4/torture: Allow receiving of oplock break requests in any order | Steven Danneman | 2009-09-29 | 1 | -88/+159

    Previously, the oplock torture tests, being single threaded, required
    the server to return oplock break requests, and other SMB packets in a
    specific order for us to verify "correctness".

    Of course, in several cases the protocol allows the break packets,
    especially breaks to levelII to come back in any order.

    With tevent we're now able to wait for oplock breaks in the middle of a
    torture test. I've added a helper to do this, and modified all oplock
    tests to allow returning of oplock breaks in any order.

* s4/torture: convert printf to torture_comment() | Aravind Srinivasan | 2009-09-29 | 1 | -2/+4

    Allows "make test" and other harnesses to print cleaner output.

* s3-netlogon: properly implement _netr_NetrEnumerateTrustedDomains(). | Günther Deschner | 2009-09-30 | 1 | -6/+33

    Guenther

* s3: remove unused unistr2_term_codes. | Günther Deschner | 2009-09-30 | 1 | -3/+0

    Guenther

* s3: remove unused regval_convert_multi_sz(). | Günther Deschner | 2009-09-30 | 2 | -54/+0

    Guenther

* s3: remove unused regval_build_multi_sz(). | Günther Deschner | 2009-09-30 | 2 | -55/+0

    Guenther

* s3-rpc_parse: remove unused UNISTR2 struct and init function. | Günther Deschner | 2009-09-30 | 3 | -67/+0

    Guenther