Bug 8501 - nmbd (and smbd) can potentially kill almost all processes on the local machine
nmbd (and smbd) can potentially kill almost all processes on the local machine
Status: NEW
Product: Samba 3.6
Classification: Unclassified
Component: Nmbd
3.6.0
All All
: P5 normal
: ---
Assigned To: Jeremy Allison
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2011-09-29 13:44 UTC by Lars Müller
Modified: 2011-10-28 13:07 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Lars Müller 2011-09-29 13:44:26 UTC
This report is from Olaf Flebbe:

In order to reproduce:

*   Use a production, _non_ DEVELOPER build of samba 3.4.x or 3.5.x
(tested it with 3.4.9 and 3.5.6)

*   start smbd and nmbd.

*   Use smbcontrol from 3.6.0 on the same(!) machine running nmbd/smbd
3.4/3.5.

*   Do "smbcontrol nmbd ping"


and you are logged out, sshd has died, X server dies
Comment 1 Andrew Bartlett 2011-09-29 17:55:07 UTC
The two patches committed to master are:

http://git.samba.org/?p=samba.git;a=commitdiff;h=288265c049f3f0600bd89efa61185c16d36ab017

and 

http://git.samba.org/?p=samba.git;a=commitdiff;h=eb245091e59402780d8a2136a30e0cf31398f7cf

These are not fixes for this issue, because it is the older binary that causes the problem, but instead fixes to ensure that at some time in the future we don't have similar issues.  

However, the check for -1 may be backported, and the pull_struct_blob_all may be with care.  

The only way to stop nmbd in 3.4 sending the signal will be to patch 3.4, which is now maintained for security releases only, or to have new versions (ie 4.0) follow Volker's suggestion that we move to the datagram based transport. 

Issuing a new 3.4 or 3.5 release won't help many sites as these sites will probably be upgrading direct to 3.6 in any case. 

In short, never mix TDB files for multiple versions of Samba at once.
Comment 2 Olaf Flebbe 2011-10-28 13:07:26 UTC
Looks good, can be closed.