CVS update: samba/source
a.bokovoy at sam-solutions.net
Wed Sep 10 17:28:05 GMT 2003
On Wed, Sep 10, 2003 at 07:39:02PM +0300, Alexander Bokovoy wrote:
> > I agree - these take forever, and those that 'know' their system is fine
> > (and only a packager can really know that, as they can assert a
> > dependency) can patch.
> > Otherwise, we have a config option for years - but worse we have people
> > who will turn it on/off on all sorts of systems, without understanding
> > it.
> Ok, made a test which seems to work and detects vulnerable systems.
> The idea is to pass big buffer to getgrouplist() but request 0 groups to
> return. This way even primary group copying should fail on proper system
> and copy nothing thus resulting in proper behaviour. On vulnerable systems
> it will copy all groups but as we have passed much bigger buffer (I think
> 4096 groups would be enough), this wouldn't cause seg fault in our test.
Too fast, too faulty. Forget about this patch, fortune(6) is right in my
/ Alexander Bokovoy
Stupidity, like virtue, is its own reward.
More information about the samba-technical