The branch, master has been updated via d81e206 Move set_thread_credentials_permanently() to set_thread_credentials() as we need to keep the saved set uid/gid otherwise there is an interaction with open[at]() and NO_ATIME returning EPERM. As this is meant for threaded code inside the process we don't need to do an irreverisble change anyway. via b256191 Fix typo we've had for a long time in set_re_uid() in the USE_SETRESUID case. from 6d903bf Cope with a (non-security) open race we've had for ever as NTCreateX isn't atomic on POSIX.
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit d81e20653baa53c678b2c421d90b6351a7388a37 Author: Jeremy Allison <j...@samba.org> Date: Tue Jul 10 16:56:20 2012 -0700 Move set_thread_credentials_permanently() to set_thread_credentials() as we need to keep the saved set uid/gid otherwise there is an interaction with open[at]() and NO_ATIME returning EPERM. As this is meant for threaded code inside the process we don't need to do an irreverisble change anyway. Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Jul 11 03:54:00 CEST 2012 on sn-devel-104 commit b25619175f9ed3a62210b5b9f9cda7c4cde4f0db Author: Jeremy Allison <j...@samba.org> Date: Tue Jul 10 16:50:51 2012 -0700 Fix typo we've had for a long time in set_re_uid() in the USE_SETRESUID case. We only set the real euid, not the effective one. This is not a security issue as this is *only* used in the quota code, and only between code that brackets it with save_re_uid()/restore_re_uid(), Also this is not used on most platforms (we use USE_SETREUID by preference) but it's better to have this right. Bug to follow to get this fixed in 3.6.next and 3.5.next. ----------------------------------------------------------------------- Summary of changes: source3/include/proto.h | 8 ++++---- source3/lib/util_sec.c | 26 +++++++++++++------------- 2 files changed, 17 insertions(+), 17 deletions(-) Changeset truncated at 500 lines: diff --git a/source3/include/proto.h b/source3/include/proto.h index 7625983..95dded8 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -549,10 +549,10 @@ void save_re_gid(void); void restore_re_gid(void); int set_re_uid(void); void become_user_permanently(uid_t uid, gid_t gid); -int set_thread_credentials_permanently(uid_t uid, - gid_t gid, - size_t setlen, - const gid_t *gidset); +int set_thread_credentials(uid_t uid, + gid_t gid, + size_t setlen, + const gid_t *gidset); bool is_setuid_root(void) ; /* The following definitions come from lib/util_sid.c */ diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c index 7c05f17..ac999e3 100644 --- a/source3/lib/util_sec.c +++ b/source3/lib/util_sec.c @@ -337,7 +337,7 @@ int set_re_uid(void) uid_t uid = geteuid(); #if defined(USE_SETRESUID) || defined(USE_LINUX_THREAD_CREDENTIALS) - samba_setresuid(geteuid(), -1, -1); + samba_setresuid(uid, uid, -1); #endif #if USE_SETREUID @@ -411,14 +411,14 @@ void become_user_permanently(uid_t uid, gid_t gid) } /********************************************************** - Function to set thread specific credentials in an - irreversible way. Must be thread-safe code. + Function to set thread specific credentials. Leave + saved-set uid/gid alone.Must be thread-safe code. **********************************************************/ -int set_thread_credentials_permanently(uid_t uid, - gid_t gid, - size_t setlen, - const gid_t *gidset) +int set_thread_credentials(uid_t uid, + gid_t gid, + size_t setlen, + const gid_t *gidset) { #if defined(USE_LINUX_THREAD_CREDENTIALS) /* @@ -433,22 +433,22 @@ int set_thread_credentials_permanently(uid_t uid, return -1; } /* Set our primary gid. */ - /* Set rg=gid, eg=gid, sg=gid */ - if (samba_setresgid(gid, gid, gid) != 0) { + /* Set rg=gid, eg=gid */ + if (samba_setresgid(gid, gid, -1) != 0) { return -1; } /* Set extra groups list. */ if (samba_setgroups(setlen, gidset) != 0) { return -1; } - /* Become the requested user. No way back after this. */ - /* Set ru=uid, eu=uid, su=uid */ - if (samba_setresuid(uid, uid, uid) != 0) { + /* Become the requested user. */ + /* Set ru=uid, eu=uid */ + if (samba_setresuid(uid, uid, -1) != 0) { return -1; } if (geteuid() != uid || getuid() != uid || getegid() != gid || getgid() != gid) { - smb_panic("set_thread_credentials_permanently failed\n"); + smb_panic("set_thread_credentials failed\n"); return -1; } return 0; -- Samba Shared Repository