Projects
openEuler:20.03:LTS:SP3
samba
_service:tar_scm_kernel_repo:backport-0005-CVE-...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-0005-CVE-2018-14628.patch of Package samba
From 83dbd0c922640bb1ac244d2855c00d6984625963 Mon Sep 17 00:00:00 2001 From: Stefan Metzmacher <metze@samba.org> Date: Wed, 7 Jun 2023 18:18:58 +0200 Subject: [PATCH 5/6] CVE-2018-14628: dbchecker: use get_deletedobjects_descriptor for missing deleted objects container BUG: https://bugzilla.samba.org/show_bug.cgi?id=13595 Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> (cherry picked from commit 70586061128f90afa33f25e104d4570a1cf778db) Conflict: context adapt Reference: https://attachments.samba.org/attachment.cgi?id=18168 [PATCH 5/6] CVE-2018-14628: dbchecker: use --- python/samba/dbchecker.py | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/python/samba/dbchecker.py b/python/samba/dbchecker.py index 449b0a7d985c..e124b1a0d671 100644 --- a/python/samba/dbchecker.py +++ b/python/samba/dbchecker.py @@ -20,7 +20,7 @@ import ldb import samba import time -from base64 import b64decode +from base64 import b64decode, b64encode from samba import dsdb from samba import common from samba.dcerpc import misc @@ -29,7 +29,11 @@ from samba.ndr import ndr_unpack, ndr_pack from samba.dcerpc import drsblobs from samba.common import dsdb_Dn from samba.dcerpc import security -from samba.descriptor import get_wellknown_sds, get_diff_sds +from samba.descriptor import ( + get_wellknown_sds, + get_deletedobjects_descriptor, + get_diff_sds +) from samba.auth import system_session, admin_session from samba.netcmd import CommandError from samba.netcmd.fsmo import get_fsmo_roleowner @@ -341,6 +345,12 @@ class dbcheck(object): listwko.append('%s:%s' % (wko_prefix, dn)) guid_suffix = "" + + domain_sid = security.dom_sid(self.samdb.get_domain_sid()) + sec_desc = get_deletedobjects_descriptor(domain_sid, + name_map=self.name_map) + sec_desc_b64 = b64encode(sec_desc).decode('utf8') + # Insert a brand new Deleted Objects container self.samdb.add_ldif("""dn: %s objectClass: top @@ -349,7 +359,8 @@ description: Container for deleted objects isDeleted: TRUE isCriticalSystemObject: TRUE showInAdvancedViewOnly: TRUE -systemFlags: -1946157056%s""" % (dn, guid_suffix), +nTSecurityDescriptor:: %s +systemFlags: -1946157056%s""" % (dn, sec_desc_b64, guid_suffix), controls=["relax:0", "provision:0"]) delta = ldb.Message() -- 2.34.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.