[Samba] explorer.exe crashes on security tab access
kacper at kacper.se
Thu Aug 16 19:20:29 UTC 2018
The same thing happen if the group on a file is wheel or any other unix
group. I also now observed that this also happens to unix users that are
not mapped in idmap.ldb.
# useradd myunixuser
# touch myfile
# chown myunixuser myfile
# chgrp SAMDOM\sambauser myfile
alos crashes explorer.
On Thu, Aug 16, 2018 at 8:55 PM, Rowland Penny via samba <
samba at lists.samba.org> wrote:
> On Thu, 16 Aug 2018 11:46:01 -0700
> Jeremy Allison <jra at samba.org> wrote:
> > On Thu, Aug 16, 2018 at 07:35:46PM +0100, Rowland Penny via samba
> > wrote:
> > > >
> > > > The crash only happens when a local unix group (in this case
> > > > root) is set as the group for the shared file.
> > >
> > > There is one very big problem with that theory, Administrator is
> > > mapped (in idmap.ldb) to root, so when you read 'root' on a DC, you
> > > can also read 'Administrator' (Which is most definitely a Domain
> > > user) ;-)
> > Whatever the case explorer.exe shouldn't crash on any data
> > returned from the server. If it does that's a possible
> > security flaw and you should report it immediately to
> > Microsoft (I just fixed a similar problem with libsmbclient
> > in our recent security release, that's why I'm sensitive
> > to these things).
> Hi Jeremy, I have now made it crash!
> If the group on a file is 'root' explorer turns its toes up and dies.
> It is failing with exception code 0xc0000005
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba