NT PDC and Samba-TNG BDC? Anyone?

Dominik Kubla dominik.kubla at uni-mainz.de
Wed May 10 13:55:38 GMT 2000

I just found something interesting in the lsarpcd logfile:

[2000/05/10 15:49:42, 1] msrpc/msrpcd.c:main(444)
  lsarpcd version TNG-alpha started.
    Copyright Andrew Tridgell 1992-1999
    create_pipe_socket: /var/lock/samba-tng/.msrpc 448 /var/lock/samba-tng/.msrpc/lsarpc 448
    *** Please someone examine create_pipe_socket and fix it ***
    *** if used other than for exclusive root access ***
    *** (see perms, which should be 0700 and 0600) ***
    *** there is a race condition to be exploited. ***
    remove on /var/lock/samba-tng/.msrpc/lsarpc failed
    _lsa_open_secret: couldn't open secret_db. Possible attack?
    uid=0, gid=0, euid=65534, egid=65534

I doestn't surprise me the least that this fails, because the permisions
on the secret_db are:

-rw-------    1 root     root         8192 May 10 15:49 NETZGRUPPE.ADMIN.tdb

So there is no way nobody.nogroup can open this file O_RDWR.  Is this a bug
or a misconfiguration on my behalf?

  Networking Group,  Hospital of Johannes Gutenberg-University                  
  Obere Zahlbacher Straße 69, 55101 Mainz, Germany                              
  Tel: +49 (0)6131 17-2482   FAX: +49 (0)6131 17-5521                           

More information about the samba-ntdom mailing list