become_root, unbecome root errors

Douglas VanLeuven roamdad at
Fri Jul 2 23:40:31 GMT 1999

Redhat 5.2, kernel 2.0.36, gcc,
samba CVS as of 6-24-99

In the logs:
[1999/06/15 14:54:08, 0] smbd/uid.c:become_root(370)
  ERROR: become root depth is non zero
[1999/06/15 14:54:08, 0] smbd/uid.c:unbecome_root(392)
  ERROR: unbecome root depth is 0

I realize it's just a nested become/unbecome pair that starts
as user nobody.
The problem is the 2nd call to become_root overwrites
the saved nobody data with root information and the
last (2nd) unbecome_root restores root info when it
should be nobody, leaving the process in running
as root.

Is this a potential security hole?  It has that feel.
Should the saved user data be pushed & popped?

I pared passwd, group, & smbpasswd down to
one addit user with one addit group so I don't
think it's a configuration problem.

Our MS PDC crashes several times a day, so I
really want to replace it, but I need to resolve
this before I can go production.

I traced the sequence of calls that lead to the nested call.

file : rpc_server/srv_lookup.c
int make_dom_gids(DOMAIN_GRP *mem, int num_members, DOM_GID **ppgids)

     85                 become_root(True);
     86                 status = lookup_name(name, &sid, &type);
     87                 unbecome_root(True);

uint32 lookup_name(char *name, DOM_SID *sid, uint8 *type)

    579         status = (status != 0x0) ? lookup_user_name    (user, domain, si

file : rpc_server/srv_lookup.c
static uint32 lookup_user_name(const char *name, const char *domain,

    560         status = (status != 0x0) ? lookup_added_user_name(name, domain,

static uint32 lookup_added_user_name(const char *nt_name, const char

    518         /* find the user account */
    519         become_root(True);
    520         sam_pass = getsam21pwntnam(nt_name);
    521         unbecome_root(True);

Doug VanLeuven : 707-545-6933 (voice) 707-545-6945 (fax)
Programmer/Analyst, SCWA : doug at
Chief Engineer, USMM : roamdad at

More information about the samba-technical mailing list