summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2002-01-26 06:24:53 +0000
committerAndrew Bartlett <abartlet@samba.org>2002-01-26 06:24:53 +0000
commit714cdd47cb3e0e1f683c0a22396f9167a85e7df3 (patch)
tree713059fb2ea69f180f21abc39e79fa44cc5f48bd /source3
parent806991158ef016cd7a723912a6eebe1f6d3b0ed1 (diff)
downloadsamba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.tar.gz
samba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.tar.bz2
samba-714cdd47cb3e0e1f683c0a22396f9167a85e7df3.zip
Fix up a security issue with the way we handle domain groups retuned on the
info3. These are RIDs, and it only makes sense to combine them with the domain SID returned with them. This is important for trusted domains, where that sid might be other than the one we currently reterive from the secrets.tdb. Also remove the become_root()/unbecome_root() wrapper from around both remaining TDB users: Both are now initialised at smbd startup. Andrew Bartlett (This used to be commit 554842e0a55155193f25aefca6480b89d5c512ca)
Diffstat (limited to 'source3')
-rw-r--r--source3/auth/auth_domain.c18
-rw-r--r--source3/libsmb/netlogon_unigrp.c24
-rw-r--r--source3/smbd/server.c3
3 files changed, 20 insertions, 25 deletions
diff --git a/source3/auth/auth_domain.c b/source3/auth/auth_domain.c
index e84d4e4724..704f600c66 100644
--- a/source3/auth/auth_domain.c
+++ b/source3/auth/auth_domain.c
@@ -324,7 +324,6 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
/* Store the user group information in the server_info returned to the caller. */
if (NT_STATUS_IS_OK(nt_status) && (info3.num_groups2 != 0)) {
- DOM_SID domain_sid;
int i;
NT_USER_TOKEN *ptok;
auth_serversupplied_info *pserver_info = *server_info;
@@ -346,21 +345,12 @@ static NTSTATUS domain_client_validate(TALLOC_CTX *mem_ctx,
goto done;
}
- if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
- DEBUG(0, ("domain_client_validate: unable to fetch domain sid.\n"));
- nt_status = NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
- free_server_info(server_info);
- goto done;
- }
-
for (i = 0; i < ptok->num_sids; i++) {
- sid_copy(&ptok->user_sids[i], &domain_sid);
+ sid_copy(&ptok->user_sids[i], &info3.dom_sid.sid);
sid_append_rid(&ptok->user_sids[i], info3.gids[i].g_rid);
}
- become_root();
uni_group_cache_store_netlogon(mem_ctx, &info3);
- unbecome_root();
}
#if 0
@@ -423,10 +413,9 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
return NT_STATUS_LOGON_FAILURE;
}
- become_root();
-
/*
* Get the machine account password for our primary domain
+ * No need to become_root() as secrets_init() is done at startup.
*/
if (!secrets_fetch_trust_account_password(domain, trust_passwd, &last_change_time))
@@ -436,8 +425,6 @@ static NTSTATUS check_ntdomain_security(const struct auth_context *auth_context,
return NT_STATUS_CANT_ACCESS_DOMAIN_INFO;
}
- unbecome_root();
-
/* Test if machine password is expired and need to be changed */
if (time(NULL) > last_change_time + lp_machine_password_timeout())
{
@@ -470,4 +457,3 @@ BOOL auth_init_ntdomain(struct auth_context *auth_context, auth_methods **auth_m
(*auth_method)->auth = check_ntdomain_security;
return True;
}
-
diff --git a/source3/libsmb/netlogon_unigrp.c b/source3/libsmb/netlogon_unigrp.c
index 317a5bc3d0..d4063242f6 100644
--- a/source3/libsmb/netlogon_unigrp.c
+++ b/source3/libsmb/netlogon_unigrp.c
@@ -37,18 +37,24 @@ static TDB_CONTEXT *netlogon_unigrp_tdb = NULL;
array of uint32 where array[0] is number of elements
and elements are array[1] ... array[array[0]]
*/
+
+BOOL uni_group_cache_init(void)
+{
+ if (!netlogon_unigrp_tdb) {
+ netlogon_unigrp_tdb = tdb_open_log(lock_path("netlogon_unigrp.tdb"), 0,
+ TDB_NOLOCK, O_RDWR | O_CREAT, 0644);
+ }
+
+ return (netlogon_unigrp_tdb != NULL);
+}
+
void uni_group_cache_store_netlogon(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user)
{
TDB_DATA key,data;
fstring keystr;
int i;
-
- if (!netlogon_unigrp_tdb) {
- netlogon_unigrp_tdb = tdb_open_log(lock_path("netlogon_unigrp.tdb"), 0,
- TDB_NOLOCK, O_RDWR | O_CREAT, 0644);
- }
- if (!netlogon_unigrp_tdb) {
+ if (!uni_group_cache_init()) {
DEBUG(0,("uni_group_cache_store_netlogon: cannot open netlogon_unigrp.tdb for write!\n"));
return;
}
@@ -145,8 +151,8 @@ uint32* uni_group_cache_fetch(DOM_SID *domain, uint32 user_rid,
/* Shutdown netlogon_unigrp database */
void uni_group_cache_shutdown(void)
{
- if(netlogon_unigrp_tdb) {
- tdb_close(netlogon_unigrp_tdb);
- }
+ if(netlogon_unigrp_tdb) {
+ tdb_close(netlogon_unigrp_tdb);
+ }
}
diff --git a/source3/smbd/server.c b/source3/smbd/server.c
index 492632e7ac..44002bfc94 100644
--- a/source3/smbd/server.c
+++ b/source3/smbd/server.c
@@ -556,6 +556,7 @@ static void init_structs(void )
init_dptrs();
secrets_init();
+
}
/****************************************************************************
@@ -841,6 +842,8 @@ static void usage(char *pname)
if(!initialize_password_db(False))
exit(1);
+ uni_group_cache_init(); /* Non-critical */
+
/* possibly reload the services file. */
reload_services(True);