[Samba] Warning messages when provisioning an ADDC
Andrew Bartlett
abartlet at samba.org
Tue Feb 9 22:03:13 UTC 2021
On Tue, 2021-02-09 at 09:57 +0100, Ralph Boehme via samba wrote:
> Am 2/9/21 um 9:15 AM schrieb Andrew Bartlett:
> > Regarding unprivileged containers, jails etc, I would warn that
> > anyone
> > who stores Samba ACLs in an unprivileged namespace owns the
> > security
> > result themselves. Samba assumes that these values are protected
> > by
> > the kernel, if they are not then our security assumptions are
> > revoked.
>
> hm, hm, with the acl_xattr VFS module with "acl_xattr:ignore system
> acls" set to yes we're already relying on userspace for security
> bypassing the kernel, so I wonder whether the namespace issue is
> really
> the one I would worry about. As long as users don't have direct
> access
> to the server storing the xattr in the user namespace might be an
> option.
Well, I guess I'm just nervous that the security assumptions of
"acl_xattr:ignore system acls" and some of the other cases where our
stored NT ACL trumps the kernel ACL interpretation are based on the
xattr being read-only to normal users.
Are we really sure there is no remote method to access these?
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT - Expert Open Source
Solutions
https://catalyst.net.nz/services/samba
More information about the samba
mailing list