1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-22 13:34:15 +03:00
samba-mirror/source4/setup
Joseph Sutton 9447c4e81e CVE-2023-0614 ldb: Prevent disclosure of confidential attributes
Add a hook, acl_redact_msg_for_filter(), in the aclread module, that
marks inaccessible any message elements used by an LDAP search filter
that the user has no right to access. Make the various ldb_match_*()
functions check whether message elements are accessible, and refuse to
match any that are not. Remaining message elements, not mentioned in the
search filter, are checked in aclread_callback(), and any inaccessible
elements are removed at this point.

Certain attributes, namely objectClass, distinguishedName, name, and
objectGUID, are always present, and hence the presence of said
attributes is always allowed to be checked in a search filter. This
corresponds with the behaviour of Windows.

Further, we unconditionally allow the attributes isDeleted and
isRecycled in a check for presence or equality. Windows is not known to
make this special exception, but it seems mostly harmless, and should
mitigate the performance impact on searches made by the show_deleted
module.

As a result of all these changes, our behaviour regarding confidential
attributes happens to match Windows more closely. For the test in
confidential_attr.py, we can now model our attribute handling with
DC_MODE_RETURN_ALL, which corresponds to the behaviour exhibited by
Windows.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15270

Pair-Programmed-With: Andrew Bartlett <abartlet@samba.org>

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

[abartlet@samba.org adapted due to Samba 4.17 and lower
 not having the patches for CVE-2020-25720 and 4.16 and lower
 not having the patches for CVE-2022-32743 ]
2023-03-20 10:03:38 +01:00
..
ad-schema
adprep
display-specifiers
tests CVE-2020-25722 blackbox/upgrades tests: ignore SPN for ldapcmp 2021-11-09 19:45:33 +00:00
aggregate_schema.ldif
dns_update_list
extended-rights.ldif provision: use ASCII quotes 2019-04-03 10:11:49 +00:00
idmap_init.ldif
krb5.conf samba-tool: create working private krb5.conf 2019-10-08 12:50:38 +00:00
named.conf
named.conf.dlz s4/dlz: add support for bind 9.18 2022-06-18 08:47:17 +00:00
named.conf.update
named.txt provision: Suggest "minimal-responses yes;" by default 2019-06-21 00:52:19 +00:00
prefixMap.txt
provision_basedn_modify.ldif
provision_basedn_options.ldif
provision_basedn_references.ldif
provision_basedn.ldif
provision_computers_add.ldif
provision_computers_modify.ldif
provision_configuration_basedn.ldif
provision_configuration_modify.ldif
provision_configuration_references.ldif
provision_configuration.ldif
provision_dns_accounts_add.ldif
provision_dns_add_samba.ldif
provision_dnszones_add.ldif
provision_dnszones_modify.ldif
provision_dnszones_partitions.ldif
provision_group_policy.ldif
provision_init.ldif
provision_partitions.ldif
provision_privilege.ldif
provision_rootdse_add.ldif
provision_rootdse_modify.ldif
provision_schema_basedn_modify.ldif
provision_schema_basedn.ldif
provision_self_join_config.ldif
provision_self_join_modify_config.ldif s4:provision: split out provision_self_join_modify_schema.ldif 2019-04-11 04:17:10 +00:00
provision_self_join_modify_schema.ldif s4:provision: split out provision_self_join_modify_schema.ldif 2019-04-11 04:17:10 +00:00
provision_self_join_modify.ldif
provision_self_join.ldif CVE-2020-25722 s4/provision: add host/ SPNs at the start 2021-11-09 19:45:33 +00:00
provision_users_add.ldif
provision_users_modify.ldif
provision_users.ldif
provision_well_known_sec_princ.ldif
provision.ldif
provision.reg
provision.zone
schema_samba4.ldif CVE-2023-0614 ldb: Prevent disclosure of confidential attributes 2023-03-20 10:03:38 +01:00
secrets_dns.ldif
secrets_init.ldif
secrets.ldif
share.ldif
spn_update_list
wscript_build provision: Remove final code for the LDAP backend 2020-04-23 06:12:20 +00:00
ypServ30.ldif