[SCM] Samba Shared Repository - branch master updated - tevent-0-9-8-836-g0597b97

Karolin Seeger kseeger at samba.org
Thu Oct 1 06:29:44 MDT 2009


The branch, master has been updated
       via  0597b97d159b22314f2b485145df7b82af717f0d (commit)
       via  e3dd6f99a4a7b87399bb5cfe4d3e06ac4d78c81f (commit)
      from  c173c1beb1334fcdcf55e458430341f193482b2e (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 0597b97d159b22314f2b485145df7b82af717f0d
Author: Jeff Layton <jlayton at redhat.com>
Date:   Fri Sep 25 07:07:40 2009 -0400

    mount.cifs: don't leak passwords with verbose option
    
    When running mount.cifs with the --verbose option, it'll print out the
    option string that it passes to the kernel...including the mount
    password if there is one. Print a placeholder string instead to help
    ensure that this info can't be used for nefarious purposes.
    
    Also, the --verbose option printed the option string before it was
    completely assembled anyway. This patch should also make sure that
    the complete option string is printed out.
    
    Finally, strndup passwords passed in on the command line to ensure that
    they aren't shown by --verbose as well. Passwords used this way can
    never be truly kept private from other users on the machine of course,
    but it's simple enough to do it this way for completeness sake.
    
    Reported-by: Ronald Volgers <r.c.volgers at student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton at redhat.com>
    Acked-by: Steve French <sfrench at us.ibm.com>

commit e3dd6f99a4a7b87399bb5cfe4d3e06ac4d78c81f
Author: Jeff Layton <jlayton at redhat.com>
Date:   Fri Sep 25 06:45:10 2009 -0400

    mount.cifs: check access of credential files before opening
    
    It's possible for an unprivileged user to pass a setuid mount.cifs a
    credential or password file to which he does not have access. This can cause
    mount.cifs to open the file on his behalf and possibly leak the info in the
    first few lines of the file.
    
    Check the access permissions of the file before opening it.
    
    Reported-by: Ronald Volgers <r.c.volgers at student.utwente.nl>
    Signed-off-by: Jeff Layton <jlayton at redhat.com>
    Acked-by: Steve French <sfrench at us.ibm.com>

-----------------------------------------------------------------------

Summary of changes:
 client/mount.cifs.c |   57 ++++++++++++++++++++++++++++++++++++--------------
 1 files changed, 41 insertions(+), 16 deletions(-)


Changeset truncated at 500 lines:

diff --git a/client/mount.cifs.c b/client/mount.cifs.c
index 1c04e13..3baaad7 100644
--- a/client/mount.cifs.c
+++ b/client/mount.cifs.c
@@ -320,6 +320,11 @@ static int open_cred_file(char * file_name)
 	char * temp_val;
 	FILE * fs;
 	int i, length;
+
+	i = access(file_name, R_OK);
+	if (i)
+		return i;
+
 	fs = fopen(file_name,"r");
 	if(fs == NULL)
 		return errno;
@@ -442,6 +447,12 @@ static int get_password_from_file(int file_descript, char * filename)
 	}
 
 	if(filename != NULL) {
+		rc = access(filename, R_OK);
+		if (rc) {
+			fprintf(stderr, "mount.cifs failed: access check of %s failed: %s\n",
+					filename, strerror(errno));
+			exit(EX_SYSERR);
+		}
 		file_descript = open(filename, O_RDONLY);
 		if(file_descript < 0) {
 			fprintf(stderr, "mount.cifs failed. %s attempting to open password file %s\n",
@@ -501,9 +512,6 @@ static int parse_options(char ** optionsp, unsigned long * filesys_flags)
 		return 1;
 	data = *optionsp;
 
-	if(verboseflag)
-		fprintf(stderr, "parsing options: %s\n", data);
-
 	/* BB fixme check for separator override BB */
 
 	if (getuid()) {
@@ -594,14 +602,23 @@ static int parse_options(char ** optionsp, unsigned long * filesys_flags)
 				} else
 					got_password = 1;
 			} else if (strnlen(value, MOUNT_PASSWD_SIZE) < MOUNT_PASSWD_SIZE) {
-				if(got_password)
+				if (got_password) {
 					fprintf(stderr, "\nmount.cifs warning - password specified twice\n");
-				got_password = 1;
+				} else {
+					mountpassword = strndup(value, MOUNT_PASSWD_SIZE);
+					if (!mountpassword) {
+						fprintf(stderr, "mount.cifs error: %s", strerror(ENOMEM));
+						SAFE_FREE(out);
+						return 1;
+					}
+					got_password = 1;
+				}
 			} else {
 				fprintf(stderr, "password too long\n");
 				SAFE_FREE(out);
 				return 1;
 			}
+			goto nocopy;
 		} else if (strncmp(data, "sec", 3) == 0) {
 			if (value) {
 				if (!strncmp(value, "none", 4) ||
@@ -1501,15 +1518,6 @@ mount_retry:
 			strlcat(options,domain_name,options_size);
 		}
 	}
-	if(mountpassword) {
-		/* Commas have to be doubled, or else they will
-		look like the parameter separator */
-/*		if(sep is not set)*/
-		if(retry == 0)
-			check_for_comma(&mountpassword);
-		strlcat(options,",pass=",options_size);
-		strlcat(options,mountpassword,options_size);
-	}
 
 	strlcat(options,",ver=",options_size);
 	strlcat(options,MOUNT_CIFS_VERSION_MAJOR,options_size);
@@ -1522,8 +1530,6 @@ mount_retry:
 		strlcat(options,",prefixpath=",options_size);
 		strlcat(options,prefixpath,options_size); /* no need to cat the / */
 	}
-	if(verboseflag)
-		fprintf(stderr, "\nmount.cifs kernel mount options %s \n",options);
 
 	/* convert all '\\' to '/' in share portion so that /proc/mounts looks pretty */
 	replace_char(dev_name, '\\', '/', strlen(share_name));
@@ -1565,6 +1571,25 @@ mount_retry:
 			 addr6->sin6_scope_id);
 	}
 
+	if(verboseflag)
+		fprintf(stderr, "\nmount.cifs kernel mount options: %s", options);
+
+	if (mountpassword) {
+		/*
+		 * Commas have to be doubled, or else they will
+		 * look like the parameter separator
+		 */
+		if(retry == 0)
+			check_for_comma(&mountpassword);
+		strlcat(options,",pass=",options_size);
+		strlcat(options,mountpassword,options_size);
+		if (verboseflag)
+			fprintf(stderr, ",pass=********");
+	}
+
+	if (verboseflag)
+		fprintf(stderr, "\n");
+
 	if (!fakemnt && mount(dev_name, mountpoint, "cifs", flags, options)) {
 		switch (errno) {
 		case ECONNREFUSED:


-- 
Samba Shared Repository


More information about the samba-cvs mailing list