sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-08 21:18:16 +03:00
Code

s3:services: Disable rcinit-based service control code

Browse Source 
This is a become_root user callout that I have never seen in use in
more than 20 years of Samba. Why disable now? In the next commit I
need to make a change to initializing the registry values for
services, the svcctl service won't be able to do registry transactions
anymore. I'm not sure that going without transactions is 100% safe in
all failure cases, so I decided to propose disabling the problematic
code that might lead to security issues.

One fix might be to add a lot more validation code to
_svcctl_OpenServiceW() to see whether the registry values underlying
the service are sane.

Yes, this is technical debt, but I would question that starting unix
daemons via DCERPC used at all out there.

Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Samuel Cabrero <scabrero@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
This commit is contained in:
Volker Lendecke 2021-06-14 07:54:55 +02:00
parent afd014245a
commit a60c7b4ff2
1 changed files with 25 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

29
source3/services/svc_rcinit.c
View File

@ -25,8 +25,15 @@
static WERROR rcinit_stop( const char *service, struct SERVICE_STATUS *status )
{
int ret = -1;
/*
* Disabled due to security concerns and unknown use in the
* field -- vl@samba.org
*/
#if 0
char *command = NULL;
int ret, fd;
int fd;
if (asprintf(&command, "%s/%s/%s stop",
get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR, service) < 0) {
@ -50,7 +57,7 @@ static WERROR rcinit_stop( const char *service, struct SERVICE_STATUS *status )
status->state = (ret == 0 ) ? SVCCTL_STOPPED : SVCCTL_RUNNING;
status->controls_accepted = SVCCTL_ACCEPT_STOP |
SVCCTL_ACCEPT_SHUTDOWN;
#endif
return ( ret == 0 ) ? WERR_OK : WERR_ACCESS_DENIED;
}
@ -59,8 +66,14 @@ static WERROR rcinit_stop( const char *service, struct SERVICE_STATUS *status )
static WERROR rcinit_start( const char *service )
{
int ret = -1;
/*
* Disabled due to security concerns and unknown use in the
* field -- vl@samba.org
*/
#if 0
char *command = NULL;
int ret, fd;
int fd;
if (asprintf(&command, "%s/%s/%s start",
get_dyn_MODULESDIR(), SVCCTL_SCRIPT_DIR, service) < 0) {
@ -77,7 +90,7 @@ static WERROR rcinit_start( const char *service )
close(fd);
SAFE_FREE(command);
#endif
return ( ret == 0 ) ? WERR_OK : WERR_ACCESS_DENIED;
}
@ -86,6 +99,11 @@ static WERROR rcinit_start( const char *service )
static WERROR rcinit_status( const char *service, struct SERVICE_STATUS *status )
{
/*
* Disabled due to security concerns and unknown use in the
* field -- vl@samba.org
*/
#if 0
char *command = NULL;
int ret, fd;
@ -115,6 +133,9 @@ static WERROR rcinit_status( const char *service, struct SERVICE_STATUS *status
SVCCTL_ACCEPT_SHUTDOWN;
return WERR_OK;
#else
return WERR_ACCESS_DENIED;
#endif
}
/*********************************************************************