The Samba-Bugzilla – Attachment 3509 Details for
Bug 5715
ldb creates world-writable (== potentially exploitable) databases by default
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
better patch
0001-ldb-Fix-permissions-of-group_mapping.ldb.patch (text/plain), 903 bytes, created by
Karolin Seeger
on 2008-08-27 03:52:10 UTC
(
hide
)
Description:
better patch
Filename:
MIME Type:
Creator:
Karolin Seeger
Created:
2008-08-27 03:52:10 UTC
Size:
903 bytes
patch
obsolete
>From 1fb86ecce63a5f744973e31ba9d0d37b21ec7a08 Mon Sep 17 00:00:00 2001 >From: Andrew Tridgell <tridge@samba.org> >Date: Wed, 27 Aug 2008 10:45:43 +0200 >Subject: [PATCH] ldb: Fix permissions of group_mapping.ldb. > >This one fixes bug #5715 and CVE-2008-3789. >--- > source/groupdb/mapping_ldb.c | 8 +++++++- > 1 files changed, 7 insertions(+), 1 deletions(-) > >diff --git a/source/groupdb/mapping_ldb.c b/source/groupdb/mapping_ldb.c >index 6775f61..ce65d7c 100644 >--- a/source/groupdb/mapping_ldb.c >+++ b/source/groupdb/mapping_ldb.c >@@ -74,7 +74,13 @@ static bool init_group_mapping(void) > if (ret != LDB_SUCCESS) { > goto failed; > } >- >+ >+ /* force the permissions on the ldb to 0600 - this will fix >+ existing databases as well as new ones */ >+ if (chmod(db_path, 0600) != 0) { >+ goto failed; >+ } >+ > if (!existed) { > /* initialise the ldb with an index */ > struct ldb_ldif *ldif; >-- >1.5.4.4 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=3509">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 5715
:
3506
| 3509