NT PDC and Samba-TNG BDC? Anyone?
Dominik Kubla
dominik.kubla at uni-mainz.de
Wed May 10 13:55:38 GMT 2000
I just found something interesting in the lsarpcd logfile:
[2000/05/10 15:49:42, 1] msrpc/msrpcd.c:main(444)
lsarpcd version TNG-alpha started.
Copyright Andrew Tridgell 1992-1999
create_pipe_socket: /var/lock/samba-tng/.msrpc 448 /var/lock/samba-tng/.msrpc/lsarpc 448
*** Please someone examine create_pipe_socket and fix it ***
*** if used other than for exclusive root access ***
*** (see perms, which should be 0700 and 0600) ***
*** there is a race condition to be exploited. ***
remove on /var/lock/samba-tng/.msrpc/lsarpc failed
_lsa_open_secret: couldn't open secret_db. Possible attack?
uid=0, gid=0, euid=65534, egid=65534
I doestn't surprise me the least that this fails, because the permisions
on the secret_db are:
-rw------- 1 root root 8192 May 10 15:49 NETZGRUPPE.ADMIN.tdb
So there is no way nobody.nogroup can open this file O_RDWR. Is this a bug
or a misconfiguration on my behalf?
Dominik
--
Networking Group, Hospital of Johannes Gutenberg-University
Obere Zahlbacher Straße 69, 55101 Mainz, Germany
Tel: +49 (0)6131 17-2482 FAX: +49 (0)6131 17-5521
More information about the samba-ntdom
mailing list