[SCM] Samba Shared Repository - branch v3-4-stable updated
Karolin Seeger
kseeger at samba.org
Mon Mar 8 13:40:38 MST 2010
The branch, v3-4-stable has been updated
via 49fc62c... Revert "Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write."
via bdad635... WHATSNEW: Prepare release notes for Samba 3.4.7.
via df5a563... WHATSNEW: Start release notes for Samba 3.4.7.
via d811847... VERSION: Raise version number up to 3.4.7.
from d0e7cc3... WHATSNEW: Fix typo.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-4-stable
- Log -----------------------------------------------------------------
commit 49fc62cc5d8bcb2ef246fa6505c99071b406c413
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Mar 8 20:53:38 2010 +0100
Revert "Fix bug #7067 - Linux asynchronous IO (aio) can cause smbd to fail to respond to a read or write."
This reverts commit c81c109a6ce83741bb5149a51ceb4ab30855e9f9.
This fixes bug #7222 (All users have full rigths on all shares)(CVE-2010-0728).
commit bdad63514f345a10774dade1746072312ed140c1
Author: Karolin Seeger <kseeger at samba.org>
Date: Mon Mar 8 20:52:56 2010 +0100
WHATSNEW: Prepare release notes for Samba 3.4.7.
Karolin
commit df5a5630a795f57a71d3b9e0f68ba104bc289982
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Feb 24 16:08:26 2010 +0100
WHATSNEW: Start release notes for Samba 3.4.7.
Karolin
(cherry picked from commit c8fbbbb888a6cc67e603ba04510f5504596b67d8)
commit d811847bbd8badf5c343417b453a527de3f06bbe
Author: Karolin Seeger <kseeger at samba.org>
Date: Wed Feb 24 16:06:32 2010 +0100
VERSION: Raise version number up to 3.4.7.
Karolin
(cherry picked from commit b280381ed338920b1746d0b2b7cd6ea6eb1f92b9)
-----------------------------------------------------------------------
Summary of changes:
WHATSNEW.txt | 54 +++++++++++++++++++++++++++++++++++++++-
source3/VERSION | 2 +-
source3/include/smb.h | 3 +-
source3/lib/system.c | 65 +++----------------------------------------------
source3/smbd/server.c | 8 ------
5 files changed, 58 insertions(+), 74 deletions(-)
Changeset truncated at 500 lines:
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 42341d0..80589c7 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,54 @@
=============================
+ Release Notes for Samba 3.4.7
+ March 8, 2010
+ =============================
+
+
+This is a security release in order to address CVE-2010-0728.
+
+
+o CVE-2010-0728:
+ In Samba releases 3.5.0, 3.4.6 and 3.3.11, new code
+ was added to fix a problem with Linux asynchronous IO handling.
+ This code introduced a bad security flaw on Linux platforms if the
+ binaries were built on Linux platforms with libcap support.
+ The flaw caused all smbd processes to inherit CAP_DAC_OVERRIDE
+ capabilities, allowing all file system access to be allowed
+ even when permissions should have denied access.
+
+
+Changes since 3.5.0
+-------------------
+
+
+o Jeremy Allison <jra at samba.org>
+ * BUG 7222: Fix for CVE-2010-0728.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.4 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+
+Release notes for older versions follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 3.4.6
February 24, 2010
=============================
@@ -109,8 +159,8 @@ database (https://bugzilla.samba.org/).
======================================================================
-Release notes for older versions follow:
-----------------------------------------
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 3.4.5
diff --git a/source3/VERSION b/source3/VERSION
index 7133dfb..f40ac81 100644
--- a/source3/VERSION
+++ b/source3/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=3
SAMBA_VERSION_MINOR=4
-SAMBA_VERSION_RELEASE=6
+SAMBA_VERSION_RELEASE=7
########################################################
# Bug fix releases use a letter for the patch revision #
diff --git a/source3/include/smb.h b/source3/include/smb.h
index 29c614b..2a3c455 100644
--- a/source3/include/smb.h
+++ b/source3/include/smb.h
@@ -1690,8 +1690,7 @@ minimum length == 24.
enum smbd_capability {
KERNEL_OPLOCK_CAPABILITY,
DMAPI_ACCESS_CAPABILITY,
- LEASE_CAPABILITY,
- KILL_CAPABILITY
+ LEASE_CAPABILITY
};
/*
diff --git a/source3/lib/system.c b/source3/lib/system.c
index 6349af5..e815766 100644
--- a/source3/lib/system.c
+++ b/source3/lib/system.c
@@ -592,11 +592,6 @@ char *sys_getwd(char *s)
#if defined(HAVE_POSIX_CAPABILITIES)
-/* This define hasn't made it into the glibc capabilities header yet. */
-#ifndef SECURE_NO_SETUID_FIXUP
-#define SECURE_NO_SETUID_FIXUP 2
-#endif
-
/**************************************************************************
Try and abstract process capabilities (for systems that have them).
****************************************************************************/
@@ -627,32 +622,6 @@ static bool set_process_capability(enum smbd_capability capability,
}
#endif
-#if defined(HAVE_PRCTL) && defined(PR_SET_SECUREBITS) && defined(SECURE_NO_SETUID_FIXUP)
- /* New way of setting capabilities as "sticky". */
-
- /*
- * Use PR_SET_SECUREBITS to prevent setresuid()
- * atomically dropping effective capabilities on
- * uid change. Only available in Linux kernels
- * 2.6.26 and above.
- *
- * See here:
- * http://www.kernel.org/doc/man-pages/online/pages/man7/capabilities.7.html
- * for details.
- *
- * Specifically the CAP_KILL capability we need
- * to allow Linux threads under different euids
- * to send signals to each other.
- */
-
- if (prctl(PR_SET_SECUREBITS, 1 << SECURE_NO_SETUID_FIXUP)) {
- DEBUG(0,("set_process_capability: "
- "prctl PR_SET_SECUREBITS failed with error %s\n",
- strerror(errno) ));
- return false;
- }
-#endif
-
cap = cap_get_proc();
if (cap == NULL) {
DEBUG(0,("set_process_capability: cap_get_proc failed: %s\n",
@@ -681,11 +650,6 @@ static bool set_process_capability(enum smbd_capability capability,
cap_vals[num_cap_vals++] = CAP_LEASE;
#endif
break;
- case KILL_CAPABILITY:
-#ifdef CAP_KILL
- cap_vals[num_cap_vals++] = CAP_KILL;
-#endif
- break;
}
SMB_ASSERT(num_cap_vals <= ARRAY_SIZE(cap_vals));
@@ -695,37 +659,16 @@ static bool set_process_capability(enum smbd_capability capability,
return True;
}
- /*
- * Ensure the capability is effective. We assume that as a root
- * process it's always permitted.
- */
-
- if (cap_set_flag(cap, CAP_EFFECTIVE, num_cap_vals, cap_vals,
- enable ? CAP_SET : CAP_CLEAR) == -1) {
- DEBUG(0, ("set_process_capability: cap_set_flag effective "
- "failed (%d): %s\n",
- (int)capability,
- strerror(errno)));
- cap_free(cap);
- return false;
- }
+ cap_set_flag(cap, CAP_EFFECTIVE, num_cap_vals, cap_vals,
+ enable ? CAP_SET : CAP_CLEAR);
/* We never want to pass capabilities down to our children, so make
* sure they are not inherited.
*/
- if (cap_set_flag(cap, CAP_INHERITABLE, num_cap_vals,
- cap_vals, CAP_CLEAR) == -1) {
- DEBUG(0, ("set_process_capability: cap_set_flag inheritable "
- "failed (%d): %s\n",
- (int)capability,
- strerror(errno)));
- cap_free(cap);
- return false;
- }
+ cap_set_flag(cap, CAP_INHERITABLE, num_cap_vals, cap_vals, CAP_CLEAR);
if (cap_set_proc(cap) == -1) {
- DEBUG(0, ("set_process_capability: cap_set_flag (%d) failed: %s\n",
- (int)capability,
+ DEBUG(0, ("set_process_capability: cap_set_proc failed: %s\n",
strerror(errno)));
cap_free(cap);
return False;
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 25571a9..2c5ce40 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -1027,14 +1027,6 @@ extern void build_options(bool screen);
gain_root_privilege();
gain_root_group_privilege();
- /*
- * Ensure we have CAP_KILL capability set on Linux,
- * where we need this to communicate with threads.
- * This is inherited by new threads, but not by new
- * processes across exec().
- */
- set_effective_capability(KILL_CAPABILITY);
-
fault_setup((void (*)(void *))exit_server_fault);
dump_core_setup("smbd");
--
Samba Shared Repository
More information about the samba-cvs
mailing list