Projects
openEuler:20.03:LTS:SP3
samba
_service:tar_scm_kernel_repo:backport-0001-CVE-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-0001-CVE-2018-14628.patch of Package samba
From 890cf42b13b0debea20751a230dd45363523944a Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze@samba.org> Date: Fri, 29 Jan 2016 23:30:59 +0100 Subject: [PATCH 1/6] CVE-2018-14628: python:descriptor: add get_deletedobjects_descriptor() samba-tool drs clone-dc-database was quite useful to find the true value of nTSecurityDescriptor of the CN=Delete Objects containers. Only the auto inherited SACL is available via a ldap search. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 3be190dcf7153e479383f7f3d29ddca43fe121b8) Conflict: NA Reference: https://attachments.samba.org/attachment.cgi?id=18168 [PATCH 1/6] CVE-2018-14628: python:descriptor: add --- python/samba/descriptor.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/python/samba/descriptor.py b/python/samba/descriptor.py index ac4c7e3273de..08c7518f56ab 100644 --- a/python/samba/descriptor.py +++ b/python/samba/descriptor.py @@ -52,6 +52,16 @@ def get_empty_descriptor(domain_sid, name_map={}): # "get_schema_descriptor" is located in "schema.py" +def get_deletedobjects_descriptor(domain_sid, name_map=None): + if name_map is None: + name_map = {} + + sddl = "O:SYG:SYD:PAI" \ + "(A;;RPWPCCDCLCRCWOWDSDSW;;;SY)" \ + "(A;;RPLC;;;BA)" + return sddl2binary(sddl, domain_sid, name_map) + + def get_config_descriptor(domain_sid, name_map={}): sddl = "O:EAG:EAD:(OA;;CR;1131f6aa-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ "(OA;;CR;1131f6ab-9c07-11d1-f79f-00c04fc2dcd2;;ED)" \ -- 2.34.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.