diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 06:24:53 +0000 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2002-01-26 06:24:53 +0000 |
| commit | 714cdd47cb3e0e1f683c0a22396f9167a85e7df3 (patch) | |
| tree | 713059fb2ea69f180f21abc39e79fa44cc5f48bd /source3/auth/auth_domain.c | |
| parent | 806991158ef016cd7a723912a6eebe1f6d3b0ed1 (diff) | |
| download | samba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.tar.gz samba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.tar.bz2 samba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.zip | |
Fix up a security issue with the way we handle domain groups retuned on the
info3. These are RIDs, and it only makes sense to combine them with the domain
SID returned with them. This is important for trusted domains, where that sid
might be other than the one we currently reterive from the secrets.tdb.
Also remove the become_root()/unbecome_root() wrapper from around both
remaining TDB users: Both are now initialised at smbd startup.
Andrew Bartlett
(This used to be commit 554842e0a55155193f25aefca6480b89d5c512ca)
Diffstat (limited to 'source3/auth/auth_domain.c')
| -rw-r--r-- | source3/auth/auth_domain.c | 18 |
1 files changed, 2 insertions, 16 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c index e84d4e4724..704f600c66 100644 --- a/source3/auth/auth_domain.c +++ b/source3/auth/auth_domain.c @@ -324,7 +324,6 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, /* Store the user group information in the server_info returned to the caller. */ if (NT_STATUS_IS_OK(nt_status) && (info3.num_groups2 != 0)) { - DOM_SID domain_sid; int i; NT_USER_TOKEN *ptok; auth_serversupplied_info *pserver_info = *server_info; @@ -346,21 +345,12 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx, goto done; } - if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) { - DEBUG(0, ("domain_client_validate: unable to fetch domain sid.\n")); - nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO; - free_server_info(server_info); - goto done; - } - for (i = 0; i < ptok->num_sids; i++) { - sid_copy(&ptok->user_sids[i], &domain_sid); + sid_copy(&ptok->user_sids[i], &info3.dom_sid.sid); sid_append_rid(&ptok->user_sids[i], info3.gids[i].g_rid); } - become_root(); uni_group_cache_store_netlogon(mem_ctx, &info3); - unbecome_root(); } #if 0 @@ -423,10 +413,9 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, return NT_STATUS_LOGON_FAILURE; } - become_root(); - /* * Get the machine account password for our primary domain + * No need to become_root() as secrets_init() is done at startup. */ if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time)) @@ -436,8 +425,6 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context, return NT_STATUS_CANT_ACCESS_DOMAIN_INFO; } - unbecome_root(); - /* Test if machine password is expired and need to be changed */ if (time(NULL) > last_change_time + lp_machine_password_timeout()) { @@ -470,4 +457,3 @@ BOOL auth_init_ntdomain(struct auth_context *auth_context, auth_methods **auth_m (*auth_method)->auth = check_ntdomain_security; return True; } - |