mirror of
https://github.com/samba-team/samba.git
synced 2025-01-14 19:24:43 +03:00
d11473b15d
Remove the sock_exec code which is no longer needed and additionally has been
used by exploit code.
This was originally test support code, the tests relying on the sock_exec
code have been removed.
Past exploits have used sock_exec as a proxy for system() matching a talloc
destructor prototype.
See for example:
Exploit for Samba vulnerabilty (CVE-2015-0240) at
https://gist.github.com/worawit/051e881fc94fe4a49295
and the Red Hat post at
https://access.redhat.com/blogs/766093/posts/1976553
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 07:20:13 CET 2017 on sn-devel-144
README for testsuite directory
------------------------------
The Samba testsuite is divided up into the following subdirectories.
- lib Various library files used by tool directories
- nsswitch Tests for nsswitch extensions
- build_farm Tests designed to run automatically on the build farm
All the scripts except those in build_farm require an unreleased
version of DejaGNU, and although they contain some useful tests they
are not so useful at the moment. All scripts are migrating to a
single test framework, Satyr. <cvs://cvs.samba.org/data/cvs/satyr>