[SCM] Samba Shared Repository - branch v3-3-test updated -
release-3-2-0pre2-3841-g65b0ea5
Karolin Seeger
kseeger at samba.org
Wed Aug 27 10:07:32 GMT 2008
The branch, v3-3-test has been updated
via 65b0ea5e398b382b6a40c069ca81d399b059b045 (commit)
from d25c0bcfa85e2c5bf20334fd715cc52526f9c8bf (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test
- Log -----------------------------------------------------------------
commit 65b0ea5e398b382b6a40c069ca81d399b059b045
Author: Andrew Tridgell <tridge at samba.org>
Date: Wed Aug 27 10:45:43 2008 +0200
ldb: Fix permissions of group_mapping.ldb.
This one fixes bug #5715 and CVE-2008-3789.
(cherry picked from commit a94f44c49f668fcf12f4566777a668043326bf97)
-----------------------------------------------------------------------
Summary of changes:
source/groupdb/mapping_ldb.c | 8 +++++++-
1 files changed, 7 insertions(+), 1 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/groupdb/mapping_ldb.c b/source/groupdb/mapping_ldb.c
index 6775f61..ce65d7c 100644
--- a/source/groupdb/mapping_ldb.c
+++ b/source/groupdb/mapping_ldb.c
@@ -74,7 +74,13 @@ static bool init_group_mapping(void)
if (ret != LDB_SUCCESS) {
goto failed;
}
-
+
+ /* force the permissions on the ldb to 0600 - this will fix
+ existing databases as well as new ones */
+ if (chmod(db_path, 0600) != 0) {
+ goto failed;
+ }
+
if (!existed) {
/* initialise the ldb with an index */
struct ldb_ldif *ldif;
--
Samba Shared Repository
More information about the samba-cvs
mailing list