[SCM] Samba Shared Repository - branch v3-3-stable updated - release-3-3-0pre1-8-g5747195

Karolin Seeger kseeger at samba.org
Wed Aug 27 10:06:50 GMT 2008


The branch, v3-3-stable has been updated
       via  574719548feeef5180e4c8280ae024459df384dd (commit)
      from  1efacf0269bc92ded0ba1d33724d217cbe03ebaf (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-stable


- Log -----------------------------------------------------------------
commit 574719548feeef5180e4c8280ae024459df384dd
Author: Andrew Tridgell <tridge at samba.org>
Date:   Wed Aug 27 10:45:43 2008 +0200

    ldb: Fix permissions of group_mapping.ldb.
    
    This one fixes bug #5715 and CVE-2008-3789.
    (cherry picked from commit a94f44c49f668fcf12f4566777a668043326bf97)

-----------------------------------------------------------------------

Summary of changes:
 source/groupdb/mapping_ldb.c |    8 +++++++-
 1 files changed, 7 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/groupdb/mapping_ldb.c b/source/groupdb/mapping_ldb.c
index 6775f61..ce65d7c 100644
--- a/source/groupdb/mapping_ldb.c
+++ b/source/groupdb/mapping_ldb.c
@@ -74,7 +74,13 @@ static bool init_group_mapping(void)
 	if (ret != LDB_SUCCESS) {
 		goto failed;
 	}
-	
+
+	/* force the permissions on the ldb to 0600 - this will fix
+	   existing databases as well as new ones */
+	if (chmod(db_path, 0600) != 0) {
+		goto failed;
+	}
+
 	if (!existed) {
 		/* initialise the ldb with an index */
 		struct ldb_ldif *ldif;


-- 
Samba Shared Repository


More information about the samba-cvs mailing list