Bug 13375 - SMB1 UNIX extensions change wrong field in fchown.
Summary: SMB1 UNIX extensions change wrong field in fchown.
Status: RESOLVED FIXED
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: File services (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Karolin Seeger
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2018-04-09 16:32 UTC by Jeremy Allison
Modified: 2018-04-12 06:55 UTC (History)
1 user (show)

See Also:

Attachments
git-am fix for 4.7.next, 4.8.next. (1.40 KB, patch)
2018-04-09 22:59 UTC, Jeremy Allison 		ddiss: review+
Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Jeremy Allison 2018-04-09 16:32:01 UTC 
Cut-and-paste error means fchown call attempts to change uid when it should be changing gid. Not a security issue due to this being restricted to what the current user can change without elevated privileges.

Noticed by "Rungta, Vandana" <vrungta@amazon.com>.

Patch to follow.
Comment 1 Jeremy Allison 2018-04-09 22:59:55 UTC 
Created attachment 14116 [details]
git-am fix for 4.7.next, 4.8.next.

Cherry-picked from master. Applies cleanly to both branches.
Comment 2 David Disseldorp 2018-04-10 09:06:49 UTC 
@Karo: Please apply for 4.7.next and 4.8.next .

I'd like to get this into 4.6 too, but given that it's not strictly a sec fix I guess we'll have to carry it downstream.
Comment 3 Karolin Seeger 2018-04-10 09:48:52 UTC 
(In reply to David Disseldorp from comment #2)
@David, there will be a last bugfix release for 4.6 tomorrow.
Comment 4 David Disseldorp 2018-04-10 10:00:48 UTC 
(In reply to Karolin Seeger from comment #3)

@Karo: in that case, could you please apply the same patch to 4.6.next - I've reviewed and build-tested it against v4-6-test.
Comment 5 Karolin Seeger 2018-04-10 19:13:20 UTC 
(In reply to David Disseldorp from comment #4)
Sure, thanks! :-)

Pushed to autobuild-v4-[8,7,6]-test.
Comment 6 Karolin Seeger 2018-04-12 06:55:48 UTC 
(In reply to Karolin Seeger from comment #5)
Pushed to all branches.
Closing out bug report.

Thanks!