1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00
samba-mirror/selftest/knownfail.d/modify-order
Andrew Bartlett a3aee582a5 CVE-2020-25722 Ensure the structural objectclass cannot be changed
If the structural objectclass is allowed to change, then the restrictions
locking an object to remaining a user or computer will not be enforcable.

Likewise other LDAP inheritance rules, which allow only certain
child objects can be bypassed, which can in turn allow creation of
(unprivileged) users where only DNS objects were expected.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14753
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14889

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Joseph Sutton <josephsutton@catalyst.net.nz>
2021-11-09 19:45:34 +00:00

9 lines
713 B
Plaintext

samba4.ldap_modify_order.python.+ModifyOrderTests.test_modify_order_account_locality_device
samba4.ldap_modify_order.python.+ModifyOrderTests.test_modify_order_container_flags_multivalue
samba4.ldap_modify_order.python.+ModifyOrderTests.test_modify_order_objectclass2
samba4.ldap_modify_order.python.+ModifyOrderTests.test_modify_order_singlevalue
samba4.ldap_modify_order.normal_user.+ModifyOrderTests.test_modify_order_account_locality_device
samba4.ldap_modify_order.normal_user.+ModifyOrderTests.test_modify_order_container_flags[^_]
samba4.ldap_modify_order.normal_user.+ModifyOrderTests.test_modify_order_objectclass[^2]
samba4.ldap_modify_order.normal_user.+ModifyOrderTests.test_modify_order_objectclass2