[SCM] Samba Shared Repository - branch v4-0-stable updated
Karolin Seeger
kseeger at samba.org
Tue Mar 19 03:45:28 MDT 2013
The branch, v4-0-stable has been updated
via b341371 VERSION: Bump version number up to 4.0.4.
via 51ed8a8 WHATSNEW: Prepare release notes for Samba 4.0.4
via ee3ac64 Revert "Ensure the masks don't conflict with the ACL checks."
via fc19aaf smbd:posix_acls Remove incorrectly added lp_create_mask() and lp_dir_mask() calls
via 053dfa2 param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files
from 11319b5 VERSION: Disable git snapshots for the 4.0.3 release.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v4-0-stable
- Log -----------------------------------------------------------------
commit b3413711e12c1357cb63cdbdaa250786f9119032
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Mar 19 09:28:48 2013 +0100
VERSION: Bump version number up to 4.0.4.
Bug 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit 51ed8a8e93bc99c3ea8ecdc94a36fbe670c28487
Author: Karolin Seeger <kseeger at samba.org>
Date: Tue Mar 19 09:27:57 2013 +0100
WHATSNEW: Prepare release notes for Samba 4.0.4
Bug 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.
Signed-off-by: Karolin Seeger <kseeger at samba.org>
commit ee3ac648598f7de27dea565381faebb313dba471
Author: Andrew Bartlett <abartlet at samba.org>
Date: Sun Mar 10 20:25:53 2013 +1100
Revert "Ensure the masks don't conflict with the ACL checks."
This reverts commit 78594909b8b22bd07978922b1c85dfd6f6456963 which was
needed by 7622aa16adeb00bf161a6dd07664c37125391272.
This change masked bug #9462 which was fixed by
2013bb9b4dbed747921df2591068e2765428f57d. The issue was that the
defaults for the substituted parameters did not match the old
parameter. Changing the values in our test suite hid the issue, but
did not fix the issue.
(Additional change in the revert is to correct the expected ACL value
in posixacl.py due to changed implied inherited permissions).
Andrew Bartlett
Reviewed-by: Michael Adam <obnox at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Michael Adam <obnox at samba.org>
Autobuild-Date(master): Mon Mar 11 19:46:24 CET 2013 on sn-devel-104
(cherry picked from commit 58e385a5ac37c072a4eef3baa7926b799a732e94)
The last 3 patches address bug #Bug 9709 - CVE-2013-1863; Remove forced set of
'create mask' to 0777.
CVE-2013-1863: World-writeable files may be created in additional shares on a
Samba 4.0 AD DC.
commit fc19aafa6e3e1dd1bed121c1527c52519614429f
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 8 16:15:37 2013 +1100
smbd:posix_acls Remove incorrectly added lp_create_mask() and lp_dir_mask() calls
When 6adc7dad96b8c7366da042f0d93b28c1ecb092eb removed the calls to
lp_security_mask/lp_force_security_mode/lp_dir_security_mask/lp_force_dir_security_mode
these calls were replaced with lp_create_mask() and lp_dir_mask()
The issue is that while lp_security_mask() and lp_dir_security_mask defaulted to
0777, the replacement calls did not. This changes behaviour, and incorrectly
prevents a posix mode being specified by the client from being applied to
the disk in the non-ACL enabled case.
Andrew Bartlett
Reviewed-by: Jeremy Allison <jra at samba.org>
Reviewed-by: Michael Adam <obnox at samba.org>
(cherry picked from commit fc496ef323c908a6b621198d9dc8076f6857385e)
commit 053dfa2799f11fcc49bd353abfaf0bc4d981011c
Author: Andrew Bartlett <abartlet at samba.org>
Date: Fri Mar 8 16:49:21 2013 +1100
param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files
These defaults were incorrectly added in
fc5caffbc139d63cab1ec105884863f73772586f in what turns out to be an
incorrect fix for bug #9462, which was in turn introduced by the
swapping of security mask (default 0777) for create mask (0755) in
6adc7dad96b8c7366da042f0d93b28c1ecb092eb.
While the permissions on sysvol and netlogon (the default shares) were
fixed by provision, any additional shares that did not yet have an
explit ACL set would create world-writable files by default.
Administrators will need to manually correct the file permissions on
any additional shares that were created after installation of the AD
DC.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox at samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet at samba.org>
Autobuild-Date(master): Sun Mar 10 12:00:31 CET 2013 on sn-devel-104
(cherry picked from commit 287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f)
-----------------------------------------------------------------------
Summary of changes:
VERSION | 2 +-
WHATSNEW.txt | 52 +++++++++++++++++++++-
selftest/target/Samba3.pm | 3 +-
selftest/target/Samba4.pm | 3 +-
source3/param/loadparm.c | 2 -
source3/smbd/posix_acls.c | 17 -------
source4/scripting/python/samba/tests/posixacl.py | 2 +-
7 files changed, 54 insertions(+), 27 deletions(-)
Changeset truncated at 500 lines:
diff --git a/VERSION b/VERSION
index 90929b7..898259f 100644
--- a/VERSION
+++ b/VERSION
@@ -25,7 +25,7 @@
########################################################
SAMBA_VERSION_MAJOR=4
SAMBA_VERSION_MINOR=0
-SAMBA_VERSION_RELEASE=3
+SAMBA_VERSION_RELEASE=4
########################################################
# If a official release has a serious bug #
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 5464717..d623330 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -1,4 +1,51 @@
=============================
+ Release Notes for Samba 4.0.4
+ March 19, 2013
+ =============================
+
+
+This is a security release in order to address CVE-2013-1863
+(World-writeable files may be created in additional shares on a
+Samba 4.0 AD DC).
+
+o CVE-2013-1863:
+ Administrators of the Samba 4.0 Active Directory Domain
+ Controller might unexpectedly find files created world-writeable
+ if additional CIFS file shares are created on the AD DC.
+ Samba versions 4.0.0rc6 - 4.0.3 (inclusive) are affected by this
+ defect.
+
+
+Changes since 4.0.3:
+--------------------
+
+o Andrew Bartlett <abartlet at samba.org>
+ * BUG 9709: CVE-2013-1863: Remove forced set of 'create mask' to 0777.
+
+
+######################################################################
+Reporting bugs & Development Discussion
+#######################################
+
+Please discuss this release on the samba-technical mailing list or by
+joining the #samba-technical IRC channel on irc.freenode.net.
+
+If you do report problems then please try to send high quality
+feedback. If you don't provide vital information to help us track down
+the problem then you will probably be ignored. All bug reports should
+be filed under the Samba 3.6 product in the project's Bugzilla
+database (https://bugzilla.samba.org/).
+
+
+======================================================================
+== Our Code, Our Bugs, Our Responsibility.
+== The Samba Team
+======================================================================
+
+Release notes for older releases follow:
+----------------------------------------
+
+ =============================
Release Notes for Samba 4.0.3
February 05, 2013
=============================
@@ -172,8 +219,9 @@ database (https://bugzilla.samba.org/).
== The Samba Team
======================================================================
-Release notes for older releases follow:
-----------------------------------------
+
+----------------------------------------------------------------------
+
=============================
Release Notes for Samba 4.0.2
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index 6c63413..70304fe 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -897,8 +897,7 @@ sub provision($$$$$$)
map system = no
map readonly = no
store dos attributes = yes
- create mask = 0777
- directory mask = 0777
+ create mask = 755
dos filemode = yes
vfs objects = $vfs_modulesdir_abs/acl_xattr.so $vfs_modulesdir_abs/fake_acls.so $vfs_modulesdir_abs/xattr_tdb.so $vfs_modulesdir_abs/streams_depot.so
diff --git a/selftest/target/Samba4.pm b/selftest/target/Samba4.pm
index 5f1c907..d17a37c 100644
--- a/selftest/target/Samba4.pm
+++ b/selftest/target/Samba4.pm
@@ -1387,8 +1387,7 @@ sub provision_plugin_s4_dc($$)
smbd:sharedelay = 100000
smbd:writetimeupdatedelay = 500000
- create mask = 0777
- directory mask = 0777
+ create mask = 755
dos filemode = yes
dcerpc endpoint servers = -winreg -srvsvc
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 0e1b019..007b418 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -3502,8 +3502,6 @@ static void init_locals(void)
lp_do_parameter(-1, "map readonly", "no");
lp_do_parameter(-1, "map archive", "no");
lp_do_parameter(-1, "store dos attributes", "yes");
- lp_do_parameter(-1, "create mask", "0777");
- lp_do_parameter(-1, "directory mask", "0777");
}
}
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index bbc1eed..3ff34fc 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -3083,14 +3083,11 @@ SMB_ACL_T free_empty_sys_acl(connection_struct *conn, SMB_ACL_T the_acl)
static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file_ace_list, mode_t *posix_perms)
{
- int snum = SNUM(fsp->conn);
size_t ace_count = count_canon_ace_list(file_ace_list);
canon_ace *ace_p;
canon_ace *owner_ace = NULL;
canon_ace *group_ace = NULL;
canon_ace *other_ace = NULL;
- mode_t and_bits;
- mode_t or_bits;
if (ace_count != 3) {
DEBUG(3,("convert_canon_ace_to_posix_perms: Too many ACE "
@@ -3130,20 +3127,6 @@ static bool convert_canon_ace_to_posix_perms( files_struct *fsp, canon_ace *file
if (fsp->is_directory)
*posix_perms |= (S_IWUSR|S_IXUSR);
- /* If requested apply the masks. */
-
- /* Get the initial bits to apply. */
-
- if (fsp->is_directory) {
- and_bits = lp_dir_mask(snum);
- or_bits = lp_force_dir_mode(snum);
- } else {
- and_bits = lp_create_mask(snum);
- or_bits = lp_force_create_mode(snum);
- }
-
- *posix_perms = (((*posix_perms) & and_bits)|or_bits);
-
DEBUG(10,("convert_canon_ace_to_posix_perms: converted u=%o,g=%o,w=%o "
"to perm=0%o for file %s.\n", (int)owner_ace->perms,
(int)group_ace->perms, (int)other_ace->perms,
diff --git a/source4/scripting/python/samba/tests/posixacl.py b/source4/scripting/python/samba/tests/posixacl.py
index 652721f..6a234e4 100644
--- a/source4/scripting/python/samba/tests/posixacl.py
+++ b/source4/scripting/python/samba/tests/posixacl.py
@@ -210,7 +210,7 @@ class PosixAclMappingTests(TestCaseInTempDir):
smbd.chown(self.tempdir, BA_id, SO_id)
smbd.set_simple_acl(self.tempdir, 0750)
facl = getntacl(self.lp, self.tempdir, direct_db_access=False)
- acl = "O:BAG:SOD:(A;;0x001f01ff;;;BA)(A;;0x001200a9;;;SO)(A;;;;;WD)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;0x001f01ff;;;CG)(A;OICIIO;0x001f01ff;;;WD)"
+ acl = "O:BAG:SOD:(A;;0x001f01ff;;;BA)(A;;0x001200a9;;;SO)(A;;;;;WD)(A;OICIIO;0x001f01ff;;;CO)(A;OICIIO;0x001200a9;;;CG)(A;OICIIO;0x001200a9;;;WD)"
anysid = security.dom_sid(security.SID_NT_SELF)
self.assertEquals(acl, facl.as_sddl(anysid))
--
Samba Shared Repository
More information about the samba-cvs
mailing list