Become_

Michael Glauche mg at plum.de
Wed Jun 16 07:33:18 GMT 1999


Douglas VanLeuven schrieb:
> 
> >From the logs:
> [1999/06/15 14:54:08, 0] smbd/uid.c:become_root(370)
>   ERROR: become root depth is non zero
> [1999/06/15 14:54:08, 0] smbd/uid.c:unbecome_root(392)
>   ERROR: unbecome root depth is 0
> 
> This has been nagging at me for some weeks.
> So I added some DEBUG statements to dump the uids involved.
> 
> [1999/06/15 14:54:08, 0] smbd/uid.c:become_root(372)
>   TRACE: become_root, current_user.uid=99
>         [1999/06/15 14:54:08, 0] smbd/uid.c:become_root(372)
>           TRACE: become_root, current_user.uid=0
>         [1999/06/15 14:54:08, 0] smbd/uid.c:become_root(370)
>           ERROR: become root depth is non zero
>         [1999/06/15 14:54:08, 0] smbd/uid.c:unbecome_root(395)
>           TRACE: unbecome root, current uid=0, old uid=0
> [1999/06/15 14:54:08, 0] smbd/uid.c:unbecome_root(395)
>   TRACE: unbecome root, current uid=0, old uid=0
> [1999/06/15 14:54:08, 0] smbd/uid.c:unbecome_root(392)
>   ERROR: unbecome root depth is 0
> 
> I realize it's just a nested become/unbecome pair that starts as user
> nobody.
> The problem is the 2nd call to become_root saves root information
> in the static variable current_user_saved and the last (2nd)
> unbecome_root
> restores root info when it should be nobody.
> I don't have the depth of understanding to ponder the security
> implications of this.  So instead I patched it to avoid saving/restoring
> 
> the current_user unless in the first level call.
> 
> Anyone have a better idea?

>From Luke :

> and what does " ERROR: become root depth is non zero" mean ?

nested calls to become_root(). you probably are being caught out by user
names being same as group names (which you cannot do on NT, therefore
you
cannot do the same on the unix side either, without re-mapping). 
someone
want to explain this, refer to previous archive articles?

luke


More information about the samba-ntdom mailing list