diff options
author | Jeremy Allison <jra@samba.org> | 2000-08-04 00:59:09 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2000-08-04 00:59:09 +0000 |
commit | 06e4f11acd3aedd6c8e4adf365932a01eca902b8 (patch) | |
tree | 07a8837ca9915b56fa0829a537f1e8a68f4e5a0c /source3 | |
parent | f87399915b009f88c41cb75a583c2972fe3daf30 (diff) | |
download | samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.gz samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.tar.bz2 samba-06e4f11acd3aedd6c8e4adf365932a01eca902b8.zip |
Fixed up the user/group contexts when using authenticated pipes.
Added a become_root()/unbecome_root() (push/pop security context)
around the initgroups() call to ensure it would succeed. Hmmm - I
wonder if this call being done as non-root might explain any "group access"
bugs we've had in the past....
Jeremy.
(This used to be commit 06a65972e872f37d88b84f22ea714feebd38f6c0)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/include/proto.h | 2 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe.c | 13 | ||||
-rw-r--r-- | source3/rpc_server/srv_pipe_hnd.c | 3 | ||||
-rw-r--r-- | source3/script/mkproto.awk | 2 | ||||
-rw-r--r-- | source3/smbd/password.c | 9 | ||||
-rw-r--r-- | source3/smbd/uid.c | 3 |
6 files changed, 25 insertions, 7 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index e630d7019f..454c7f8c22 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -3546,6 +3546,7 @@ void invalidate_vuid(uint16 vuid); char *validated_username(uint16 vuid); char *validated_domain(uint16 vuid); int initialize_groups(char *user, uid_t uid, gid_t gid); +NT_USER_TOKEN *create_nt_token(uid_t uid, gid_t gid, int ngroups, gid_t *groups); uint16 register_vuid(uid_t uid,gid_t gid, char *unix_name, char *requested_name, char *domain,BOOL guest); void add_session_user(char *user); @@ -3673,6 +3674,7 @@ int reply_getattrE(connection_struct *conn, char *inbuf,char *outbuf, int size, int get_current_groups(int *p_ngroups, gid_t **p_groups); void delete_nt_token(NT_USER_TOKEN **pptoken); +NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken); BOOL push_sec_ctx(void); void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN *token); void set_root_sec_ctx(void); diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c index 049db69ca7..ded01e4e21 100644 --- a/source3/rpc_server/srv_pipe.c +++ b/source3/rpc_server/srv_pipe.c @@ -282,6 +282,11 @@ static BOOL api_pipe_ntlmssp_verify(pipes_struct *p, RPC_AUTH_NTLMSSP_RESP *ntlm memset(p->domain, '\0', sizeof(p->domain)); memset(p->wks, '\0', sizeof(p->wks)); + /* Set up for non-authenticated user. */ + delete_nt_token(&p->pipe_user.nt_user_token); + p->pipe_user.ngroups = 0; + safe_free( p->pipe_user.groups); + /* * Setup an empty password for a guest user. */ @@ -456,7 +461,13 @@ failed authentication on named pipe %s.\n", domain, pipe_user_name, wks, p->name p->pipe_user.uid = pass->pw_uid; p->pipe_user.gid = pass->pw_gid; - /* XXX also set up pipe user group membership */ + /* Set up pipe user group membership. */ + initialize_groups(pipe_user_name, p->pipe_user.uid, p->pipe_user.gid); + get_current_groups( &p->pipe_user.ngroups, &p->pipe_user.groups); + + /* Create an NT_USER_TOKEN struct for this user. */ + p->pipe_user.nt_user_token = create_nt_token(p->pipe_user.uid,p->pipe_user.gid, + p->pipe_user.ngroups, p->pipe_user.groups); p->ntlmssp_auth_validated = True; return True; diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c index e6aeb26d63..b8ee235185 100644 --- a/source3/rpc_server/srv_pipe_hnd.c +++ b/source3/rpc_server/srv_pipe_hnd.c @@ -825,6 +825,9 @@ BOOL close_rpc_pipe_hnd(pipes_struct *p, connection_struct *conn) DLIST_REMOVE(Pipes, p); + delete_nt_token(&p->pipe_user.nt_user_token); + safe_free(p->pipe_user.groups); + ZERO_STRUCTP(p); free(p); diff --git a/source3/script/mkproto.awk b/source3/script/mkproto.awk index 766b1f093b..b36eaca33b 100644 --- a/source3/script/mkproto.awk +++ b/source3/script/mkproto.awk @@ -112,7 +112,7 @@ END { gotstart = 1; } - if( $0 ~ /^TDB_CONTEXT|^TDB_DATA|^smb_ucs2_t|^TALLOC_CTX|^hash_element|^NT_DEVICEMODE|^enum nss_status/ ) { + if( $0 ~ /^TDB_CONTEXT|^TDB_DATA|^smb_ucs2_t|^TALLOC_CTX|^hash_element|^NT_DEVICEMODE|^enum nss_status|^NT_USER_TOKEN/ ) { gotstart = 1; } diff --git a/source3/smbd/password.c b/source3/smbd/password.c index 9af7d3b1e9..4aa753c022 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -163,8 +163,9 @@ char *validated_domain(uint16 vuid) Initialize the groups a user belongs to. ****************************************************************************/ -int initialize_groups(char *user, uid_t uid, gid_t gid) +BOOL initialize_groups(char *user, uid_t uid, gid_t gid) { + become_root(); if (initgroups(user,gid) == -1) { DEBUG(0,("Unable to initgroups. Error was %s\n", strerror(errno) )); if (getuid() == 0) { @@ -172,9 +173,11 @@ int initialize_groups(char *user, uid_t uid, gid_t gid) DEBUG(0,("This is probably a problem with the account %s\n", user)); } } - return -1; + unbecome_root(); + return False; } - return 0; + become_root(); + return True; } /**************************************************************************** diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index f6687e9a5a..fafcd71b1a 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -207,9 +207,8 @@ BOOL become_authenticated_pipe_user(pipes_struct *p) return False; } - /* JRATEST - this needs fixined w.r.t. NT user tokens... */ set_sec_ctx(p->pipe_user.uid, p->pipe_user.gid, - p->pipe_user.ngroups, p->pipe_user.groups, NULL); + p->pipe_user.ngroups, p->pipe_user.groups, p->pipe_user.nt_user_token); return True; } |