[Pkg-samba-maint] Bug#424629: [Samba] force group to Unix group in 3.0.25
david rankin
drankinatty at suddenlinkmail.com
Fri May 18 18:16:25 UTC 2007
From: "Gerald (Jerry) Carter"
>
> Christian Perrier wrote:
>>> Our bug. I fixed it last night for next week's 3.0.25a release
>>> (http://wiki.samba.org/index.php/Release_Planning_for_Samba_3.0).
>>>
>>> You can either retest against the SAMBA_3_0_25 svn tree or I
>>> can send you a patch.
>>
>>
>> Jerry, apparently this bug hits Debian's version in etch as it
>> appeared after the security fix for CVE-2007-2444. See
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=424629
>>
>> As you certainly know, upgrading the version in etch
>> to 3.0.25a is out of question, so we need to patch the
>> 3.0.24 version to fix this.
>>
>> So, if you have the patch handy, we'd be deeply interested.
>
> Ah yeah. I didn't think about that. Attached.
>
>> Is there a bug report for this issue in Samba's BTS? I can't
>> find one.
>
> Not sure. We went back and forth with David Rankin on it
> getting the necessary information.
>
>
Jerry,
The patch is working fine. I have had it running on the production
machine at work since 12:00 am and there have been no *howls* from the rest
of the minions........ and I haven't run into any trouble.
--
David C. Rankin, J.D., P.E.
510 Ochiltree Street
Nacogdoches, Texas 75961
(936) 715-9333
(936) 715-9339 fax
www.rankinlawfirm.com
--
--------------------------------------------------------------------------------
> === modified file 'source/smbd/uid.c'
> --- source/smbd/uid.c 2007-05-12 16:45:55 +0000
> +++ source/smbd/uid.c 2007-05-18 17:33:11 +0000
> @@ -151,7 +151,9 @@
> char group_c;
> BOOL must_free_token = False;
> NT_USER_TOKEN *token = NULL;
> -
> + int num_groups = 0;
> + gid_t *group_list = NULL;
> +
> if (!conn) {
> DEBUG(2,("change_to_user: Connection not open\n"));
> return(False);
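Review bot: The blank line after `NT_USER_TOKEN *token = NULL;` is removed and a blank line is added back after the two new declarations, so the added line probably differs only in whitespace (a trailing tab or spaces). Strip it so the hunk carries just the declarations. Please also confirm that `int num_groups` matches the type of `current_user.ut.ngroups`, `conn->ngroups` and `vuser->n_groups`, whose declarations are not visible in this patch.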
> @@ -190,14 +192,14 @@
> if (conn->force_user) /* security = share sets this too */ {
> uid = conn->uid;
> gid = conn->gid;
> - current_user.ut.groups = conn->groups;
> - current_user.ut.ngroups = conn->ngroups;
> + group_list = conn->groups;
> + num_groups = conn->ngroups;
> token = conn->nt_user_token;
> } else if (vuser) {
> uid = conn->admin_user ? 0 : vuser->uid;
> gid = vuser->gid;
> - current_user.ut.ngroups = vuser->n_groups;
> - current_user.ut.groups = vuser->groups;
> + num_groups = vuser->n_groups;
> + group_list = vuser->groups;
> token = vuser->nt_user_token;
> } else {
> DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
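Review bot: In both the `conn->force_user` branch and the `vuser` branch, nothing explains why `current_user.ut` is no longer written at this point. A short comment here saying that `current_user` is only updated just before `set_sec_ctx()` would keep a later change from reintroducing the early assignment. The two branches also set the pair in opposite order (`group_list` then `num_groups`, versus `num_groups` then `group_list`); using one order makes them easier to compare.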
> @@ -230,8 +232,8 @@
> */
>
> int i;
> - for (i = 0; i < current_user.ut.ngroups; i++) {
> - if (current_user.ut.groups[i] == conn->gid) {
> + for (i = 0; i < num_groups; i++) {
> + if (group_list[i] == conn->gid) {
> gid = conn->gid;
> gid_to_sid(&token->user_sids[1], gid);
> break;
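Review bot: The loop `for (i = 0; i < num_groups; i++)` reads `group_list[i]` on the assumption that the count and the pointer were set as a pair. Both default to 0 and NULL, so the zero-group case is safe, but a non-zero `num_groups` with a NULL `group_list` would be dereferenced. If `conn->groups` or `vuser->groups` can be NULL while the count is non-zero, add `group_list != NULL` to the loop condition.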
> @@ -243,6 +245,12 @@
> }
> }
>
> + /* Now set current_user since we will immediately also call
> + set_sec_ctx() */
> +
> + current_user.ut.ngroups = num_groups;
> + current_user.ut.groups = group_list;
> +
> set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
> token);
>
>
>
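Review bot: Right after `current_user.ut.ngroups = num_groups;` and `current_user.ut.groups = group_list;`, the `set_sec_ctx()` call still reads the values back out of `current_user.ut`. Passing `num_groups` and `group_list` directly would make it obvious that the global and the security context receive the same pair. The new comment says when `current_user` is set but not why the assignment was deferred; if the intent is that the global must not change on a path that leaves before the context switch, say so in the comment.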
--------------------------------------------------------------------------------