sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-27 14:04:05 +03:00
Code
samba-mirror/source4
History
Andrew Bartlett b7b91c8594 dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172) 
This seems inefficient, but is needed for correctness.  The
alternative might be to have the sec_access_check_ds code confirm that
*all* of the nodes in the object tree have been cleared to
node->remaining_bits == 0.

Otherwise, I fear that write access to one attribute will become write
access to all attributes.

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit d776fd807e0c9a62f428ce666ff812655f98bc47)
2013-01-15 12:14:25 +01:00
..
auth
auth/credentials: Support match-by-key in cli_credentials_get_server_gss_creds()
2012-08-30 01:26:12 +02:00
build/pasn1
s4: Remove the old perl/m4/make/mk-based build system.
2010-10-31 02:01:44 +00:00
cldap_server
s4: Fix a -Wunused-value warning
2012-09-26 21:52:00 +02:00
client
s4-client: Check return codes in do_connect().
2012-12-21 13:55:59 +01:00
cluster
lib/tdb_wrap: use tdb directly, not tdb_compat.
2012-06-19 05:38:07 +02:00
dns_server
s4-dns: Fix format string vulnerability in an error message (bug #9354)
2012-11-04 16:58:13 +01:00
dsdb
dsdb-acl: Run sec_access_check_ds on each attribute proposed to modify (bug #9554 - CVE-2013-0172)
2013-01-15 12:14:25 +01:00
echo_server
lib/param: Create a seperate server role for "active directory domain controller"
2012-06-15 09:18:33 +02:00
heimdal
heimdal: fixed -Werror=format error in com_err
2012-08-02 08:59:24 +02:00
heimdal_build
heimdal_build: Fix finding of system heimdal.
2012-11-06 16:27:03 +01:00
include
Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.
2012-06-28 17:15:16 -07:00
kdc
s4-kdc: Improve grammer and clarity of password change failure messages.
2012-09-01 03:33:21 +02:00
ldap_server
ldap-server: sscanf result was never used to mistyped var
2012-10-07 21:51:02 -07:00
lib
Use the new directory_create_or_exist_strict() function.
2013-01-09 09:11:20 +01:00
libcli
s4-resolve: Fix parsing of IPv6/AAAA in dns_lookup (bug #9555)
2013-01-12 10:32:28 +01:00
libnet
libnet-vampire: reports Exops as they rather than sync on some partitions
2013-01-09 09:01:30 +01:00
librpc
s4-librpc: Remove dead code in smb_send_request().
2012-12-21 13:56:00 +01:00
nbt_server
lib/param: Create a seperate server role for "active directory domain controller"
2012-06-15 09:18:33 +02:00
ntp_signd
Use the new directory_create_or_exist_strict() function.
2013-01-09 09:11:20 +01:00
ntptr
Introduce system MIT krb5 build with --with-system-mitkrb5 option.
2012-05-23 17:51:50 +03:00
ntvfs
ntvfs: Fill in sd->type based on the new ACL being added
2012-11-13 22:48:19 +01:00
param
s4-provision: pass use_ntvfs from C wrappers and set to true in tests/vampire
2012-08-22 01:31:57 +02:00
rpc_server
spoolss: add stubs for new JobNamedProperty dcerpc calls.
2013-01-07 19:06:25 +01:00
script
lib/param move source4 param code to the top level
2011-10-11 13:41:34 +11:00
scripting
scripting/samba_upgradedns: Only look for IPv4/IPv6 addresses if we actually them
2013-01-10 20:56:50 +01:00
selftest
selftest: Add test for rfc2307 mapping handling
2013-01-10 14:52:52 +01:00
setup
s4:provision: set the correct nTSecurityDescriptor on CN=Domain Controllers,... (bug #9481)
2012-12-11 07:05:39 +01:00
smb_server
lib/param: Create a seperate server role for "active directory domain controller"
2012-06-15 09:18:33 +02:00
smbd
Use the new directory_create_or_exist_strict() function.
2013-01-09 09:11:20 +01:00
torture
libcli/auth: rename netlogon_creds_decrypt_samlogon() to netlogon_creds_decrypt_samlogon_validation().
2012-12-15 21:50:36 +01:00
utils
ntlm_auth4: Use new samba_getpass() function.
2012-12-03 14:35:10 +01:00
web_server
wsgi: Serve '500 Internal Server Error' page when errors occur.
2012-12-05 18:40:25 +01:00
winbind
s4-idmap: Remove requirement that posixAccount or posixGroup be set for rfc2307
2013-01-10 14:52:56 +01:00
wrepl_server
lib/param: Remove use of lp{cfg,}_socket_address outside the NBT client and server
2012-07-27 17:59:51 +10:00
.clang_complete
s3-build: Add .clang_complete.
2011-10-27 17:09:50 +02:00
.valgrind_suppressions
NEWS
s4-param Remove 'sam database' parameter
2011-06-06 15:02:38 +10:00
TODO
update TODO: net has been renamed to samba-tool.
2011-07-23 22:08:09 +02:00
wscript_build
build: Add missing deps and make MESSAGING a private library
2012-06-07 06:45:06 +02:00