summaryrefslogtreecommitdiff
path: root/source3/lib/util_sec.c
AgeCommit message (Collapse)AuthorFilesLines
2012-07-11Move set_thread_credentials_permanently() to set_thread_credentials()Jeremy Allison1-12/+12
as we need to keep the saved set uid/gid otherwise there is an interaction with open[at]() and NO_ATIME returning EPERM. As this is meant for threaded code inside the process we don't need to do an irreverisble change anyway. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Wed Jul 11 03:54:00 CEST 2012 on sn-devel-104
2012-07-10Fix typo we've had for a long time in set_re_uid() in the USE_SETRESUID case.Jeremy Allison1-1/+1
We only set the real euid, not the effective one. This is not a security issue as this is *only* used in the quota code, and only between code that brackets it with save_re_uid()/restore_re_uid(), Also this is not used on most platforms (we use USE_SETREUID by preference) but it's better to have this right. Bug to follow to get this fixed in 3.6.next and 3.5.next.
2012-07-03Add function set_thread_credentials_permanently(). Panic if fail.Jeremy Allison1-0/+48
Not yet used.
2012-06-30Try and fix the autoconf build on Solaris/Nexenta/etc.Jeremy Allison1-3/+0
Their AC_TRY_RUN doesn't include any current CPPFLAGS. Make the set[res]uid checks independent of this. Needs a small change to the waf build in order to code with the change. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Sat Jun 30 00:32:36 CEST 2012 on sn-devel-104
2012-06-29Move back to using per-thread credentials on Linux. Fixes the glibc native ↵Jeremy Allison1-9/+9
AIO lost wakeup problem. See this post: https://lists.samba.org/archive/samba-technical/2012-June/085101.html for details. Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Fri Jun 29 03:57:45 CEST 2012 on sn-devel-104
2012-06-28Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.Jeremy Allison1-61/+66
Will allow thread-specific credentials to be added by modifying the central definitions. Deliberately left the setXX[ug]id() call in popt as this is not used in Samba.
2011-10-27Include uid_wrapper correctly.Andreas Schneider1-1/+1
2011-10-06s3: Use the uid_wrapperVolker Lendecke1-0/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org> Signed-off-by: Andreas Schneider <asn@samba.org>
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-3/+3
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r23784: use the GPLv3 boilerplate as recommended by the FSF and the license textAndrew Tridgell1-2/+1
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r22096: become_root_uid_only() is unneeded - it's only used inJeremy Allison1-23/+1
messages.c. Refactor to use become_root() instead and make it local to messages.c Jeremy. (This used to be commit f3ffb3f98472b69b476b702dfe5c0575b32da018)
2007-10-10r21005: Add a debug message for EAGAIN error of setresuid.Volker Lendecke1-1/+7
Volker (This used to be commit 70c589a8323637ff8e1f96a56f8acaf550a58dc4)
2007-10-10r17294: Make the code a little cleaner. Instead of using the twoJeremy Allison1-3/+29
calls make it : become_root_uid_only() operation unbecome_root_uid_only() saving errno across the second call. Most of our internal change calls can be replaced with these simple calls. Jeremy (This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)
2007-10-10r17293: After the results from the cluster tests in Germany,Jeremy Allison1-2/+8
fix the messaging code to call the efficient calls : save_re_uid() set_effective_uid(0); messaging_op restore_re_uid(); instead of using heavyweight become_root()/unbecome_root() pairs around all messaging code. Fixup the messaging code to ensure sec_init() is called (only once) so that non-root processes still work when sending messages. This is a lighter weight solution to become_root()/unbecome_root() (which swaps all the supplemental groups) and should be more efficient. I will migrate all server code over to using this (a similar technique should be used in the passdb backend where needed). Jeremy. (This used to be commit 4ace291278d9a44f5c577bdd3b282c1231e543df)
2004-01-27Clarify comment on set_effective_uid()Andrew Bartlett1-2/+10
Andrew Bartlett (This used to be commit ca24ae50ea37942dde335e97019880b6ce518a6a)
2003-10-23After a phonecall with jra finally commit this.Volker Lendecke1-5/+2
This changes our behaviour when the setresuid call is available. We now not only change the effective uid but also the real uid when becoming unprivileged. This is mainly for improved AFS compatibility, as AFS selects the token to send to the server based on the real uid of the process. I tested this with a W2k server with two non-root 'runas' sessions. They come in via a single smbd as two different users using two session setups. Samba on Linux can still switch between the two uids, proved by two different files created via those sessions. Volker (This used to be commit 556c62f93535c606122b22e7e843d9da9a1cd438)
2003-09-23Add a descriptive comment to our usage of setresuid. lib/afs.c needsVolker Lendecke1-0/+4
to be changed if we decide to set our real uid. Jeremy? Volker (This used to be commit 1fed55aa781bcf9efdd42f361c972b69152137a4)
2002-07-15updated the 3.0 branch from the head branch - ready for alpha18Andrew Tridgell1-0/+36
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-03-24Spelling fixes.Tim Potter1-1/+1
(This used to be commit a5ac2ac4ada48ee3be061a32ba40bd8c4b3b3865)
2002-02-18reverted tims patch that broke configureAndrew Tridgell1-13/+0
why does anything but smbd care about sec_init() anyway?? (This used to be commit 569505b77140c2688aeab4df058b864464f23c1d)
2002-02-17Whoops, typo.Tim Potter1-4/+4
(This used to be commit e7abb79fb304b34aeb369dc6deafa96dfd1e02f3)
2002-02-17Do a smb_panic() if sec_initial_[ug]id() or non_root_mode() is calledTim Potter1-0/+13
without before sec_init(). This should avoid the formation of another magic function club. (-: (This used to be commit 1b941e2c637e41049932945607149094342359c5)
2002-01-30Removed version number from file header.Tim Potter1-2/+1
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2001-10-31Parionia to ensure people don't install libsmb based programs setuid root.Andrew Bartlett1-0/+8
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing all sort of fun and games. Andrew Bartlett (This used to be commit 0c8e9339d8238de92e9146d04091694b62874c33)
2001-10-02Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.Tim Potter1-1/+0
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-09-15Restore the profiling data shmem parinoia. This whole area needs to beAndrew Bartlett1-0/+10
fixed - an mmaped file or the like would be a good idea. (This used to be commit bc1385fc5e55eeed626615fad92877296064a27e)
2001-07-08added sec_initial_uid() function so we can ask if a file is owned byAndrew Tridgell1-0/+8
the initial uid (This used to be commit 9449544428c9c3153f9e757c57bccda382fa2882)
2001-07-06fixed inetd operation as non-rootAndrew Tridgell1-4/+0
(This used to be commit 9a9da44455fc35cb9b1625ffefd12a9c5fe48d6b)
2001-06-25make sure we have BOOL in autoconf usage of util_sec.cAndrew Tridgell1-0/+1
(This used to be commit 72f63f5144ececdef31c659ab645eb71a88943b5)
2001-06-25- make the regresison test mode code build in by default. This shouldAndrew Tridgell1-15/+40
allow us to have test targets without special configure options - fixed make proto so that it actually does something (This used to be commit 55109a752578e9389d853cb27ec17c2114ecff77)
2001-06-22added the ability to test smbd safely as an ordinary user. The way it works isAndrew Tridgell1-0/+4
that libsmb/ creates a local tcp socket then launches smbd as a subprocess attached to that socket. smbd thinks it is being launched from inetd. to use it do the following: - compile with -DSMB_REGRESSION_TEST - run like this (also works with smbtorture etc) export SMBD_TEST=1 export LIBSMB_PROG=bin/smbd smbclient //server/share -Uuser%pass obviously you need to setup a smb.conf etc. Using --prefix to configure is useful. The aim of all this stuff is to add a decent set of regression tests to the build farm, so we know if smbd actually runs correctly on all the platforms, not just builds. We can run smbtorture, masktest, locktest etc, plus a bunch of smbclient scripts and any new tests we write. This doesn't help much with nmbd (at least not yet) but its a good start. (This used to be commit 7e8e6ae9a88c4d2587eb4e7f0501cd71bd36ebb2)
2000-12-06Fixed compiler warning.Tim Potter1-1/+1
(This used to be commit 6553f1d02792d81987dda51af76b4fc06d73a787)
2000-02-08Moved over lib/util_sec (with added fixes) as the HEAD sourceJeremy Allison1-4/+50
seems to have drifted a little. Jeremy. (This used to be commit ebcdb4afee04cc3b94e60b1de86c2b534d4e233e)
1999-12-17util_sec.c from 2.0.6Andrew Tridgell1-0/+326
(This used to be commit 955d187139365d16f3fca1abd3853ca4e49f244c)
generated by cgit (git 2.34.1) at 2024-06-02 17:12:05 +0000