The branch, master has been updated via a92f0ccce60 s3:tests: Add test for checking that root is not allowed as home dir via 99695528f74 s3:smbd: Make sure we do not export "/" (root) as home dir via cc471448df9 s3:tests: Test for users connecting to their 'homes' share via 3b38dddff2c selftest: Add gooduser and eviluser to Samba3 from dfbfb7eb941 waf: Utils package not defined
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit a92f0ccce606be12e851a4100fbb44b069c5fe87 Author: Andreas Schneider <a...@samba.org> Date: Mon Dec 3 11:05:46 2018 +0100 s3:tests: Add test for checking that root is not allowed as home dir BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Wed Dec 5 05:22:43 CET 2018 on sn-devel-144 commit 99695528f7453023446956d5f8f0656574e243af Author: Andreas Schneider <a...@samba.org> Date: Thu Nov 22 18:23:24 2018 +0100 s3:smbd: Make sure we do not export "/" (root) as home dir If "/" (root) is returned as the home directory, prevent exporting it. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit cc471448df91c43fe38e2fcdf9b3874636ca51a6 Author: Andreas Schneider <a...@samba.org> Date: Fri Nov 16 15:40:59 2018 +0100 s3:tests: Test for users connecting to their 'homes' share This adds a test for CVE-2009-2813. BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> commit 3b38dddff2c1d1b51aed96368b358f349682bea0 Author: Andreas Schneider <a...@samba.org> Date: Thu Nov 15 16:06:49 2018 +0100 selftest: Add gooduser and eviluser to Samba3 BUG: https://bugzilla.samba.org/show_bug.cgi?id=13699 Signed-off-by: Andreas Schneider <a...@samba.org> Reviewed-by: Ralph Böhme <s...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: selftest/target/Samba3.pm | 18 ++++- source3/param/service.c | 6 +- source3/script/tests/test_homes.sh | 136 +++++++++++++++++++++++++++++++++++++ source3/selftest/tests.py | 1 + source3/smbd/password.c | 7 ++ 5 files changed, 166 insertions(+), 2 deletions(-) create mode 100755 source3/script/tests/test_homes.sh Changeset truncated at 500 lines: diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm index 888f3bd5154..2234c11c795 100755 --- a/selftest/target/Samba3.pm +++ b/selftest/target/Samba3.pm @@ -977,6 +977,10 @@ sub setup_fileserver comment = inherit only unix owner inherit owner = unix only acl_xattr:ignore system acls = yes +[homes] + comment = Home directories + browseable = No + read only = No "; my $vars = $self->provision($path, "WORKGROUP", @@ -1666,8 +1670,11 @@ sub provision($$$$$$$$$) my ($gid_force_user); my ($uid_user1); my ($uid_user2); + my ($uid_gooduser); + my ($uid_eviluser); + my ($uid_slashuser); - if ($unix_uid < 0xffff - 10) { + if ($unix_uid < 0xffff - 13) { $max_uid = 0xffff; } else { $max_uid = $unix_uid; @@ -1683,6 +1690,9 @@ sub provision($$$$$$$$$) $uid_smbget = $max_uid - 8; $uid_user1 = $max_uid - 9; $uid_user2 = $max_uid - 10; + $uid_gooduser = $max_uid - 11; + $uid_eviluser = $max_uid - 12; + $uid_slashuser = $max_uid - 13; if ($unix_gids[0] < 0xffff - 8) { $max_gid = 0xffff; @@ -2313,6 +2323,9 @@ force_user:x:$uid_force_user:$gid_force_user:force user gecos:$prefix_abs:/bin/f smbget_user:x:$uid_smbget:$gid_domusers:smbget_user gecos:$prefix_abs:/bin/false user1:x:$uid_user1:$gid_nogroup:user1 gecos:$prefix_abs:/bin/false user2:x:$uid_user2:$gid_nogroup:user2 gecos:$prefix_abs:/bin/false +gooduser:x:$uid_gooduser:$gid_domusers:gooduser gecos:$prefix_abs:/bin/false +eviluser:x:$uid_eviluser:$gid_domusers:eviluser gecos::/bin/false +slashuser:x:$uid_slashuser:$gid_domusers:slashuser gecos:/:/bin/false "; if ($unix_uid != 0) { print PASSWD "root:x:$uid_root:$gid_root:root gecos:$prefix_abs:/bin/false @@ -2389,6 +2402,9 @@ force_user:x:$gid_force_user: createuser($self, "smbget_user", $password, $conffile, \%createuser_env) || die("Unable to create smbget_user"); createuser($self, "user1", $password, $conffile, \%createuser_env) || die("Unable to create user1"); createuser($self, "user2", $password, $conffile, \%createuser_env) || die("Unable to create user2"); + createuser($self, "gooduser", $password, $conffile, \%createuser_env) || die("Unable to create gooduser"); + createuser($self, "eviluser", $password, $conffile, \%createuser_env) || die("Unable to create eviluser"); + createuser($self, "slashuser", $password, $conffile, \%createuser_env) || die("Unable to create slashuser"); open(DNS_UPDATE_LIST, ">$prefix/dns_update_list") or die("Unable to open $$prefix/dns_update_list"); print DNS_UPDATE_LIST "A $server. $server_ip\n"; diff --git a/source3/param/service.c b/source3/param/service.c index b21be6093d4..22f46f08894 100644 --- a/source3/param/service.c +++ b/source3/param/service.c @@ -149,7 +149,11 @@ int find_service(TALLOC_CTX *ctx, const char *service_in, char **p_service_out) DEBUG(3,("checking for home directory %s gave %s\n",*p_service_out, phome_dir?phome_dir:"(NULL)")); - iService = add_home_service(*p_service_out,*p_service_out /* 'username' */, phome_dir); + if (!strequal(phome_dir, "/")) { + iService = add_home_service(*p_service_out, + *p_service_out, /* username */ + phome_dir); + } } /* If we still don't have a service, attempt to add it as a printer. */ diff --git a/source3/script/tests/test_homes.sh b/source3/script/tests/test_homes.sh new file mode 100755 index 00000000000..90e84550dbc --- /dev/null +++ b/source3/script/tests/test_homes.sh @@ -0,0 +1,136 @@ +#!/bin/sh + +# Copyright (c) Andreas Schneider <a...@samba.org> +# License: GPLv3 + +if [ $# -lt 7 ]; then + echo "Usage: test_homes.sh SERVER USERNAME PASSWORD LOCAL_PATH PREFIX SMBCLIENT CONFIGURATION" + exit 1 +fi + +SERVER="${1}" +USERNAME="${2}" +PASSWORD="${3}" +LOCAL_PATH="${4}" +PREFIX="${5}" +SMBCLIENT="${6}" +CONFIGURATION="${7}" +shift 7 + +incdir=`dirname $0`/../../../testprogs/blackbox +. $incdir/subunit.sh + +failed=0 + +test_gooduser_home() +{ + tmpfile=$PREFIX/smbclient_homes_gooduser_commands + cat > $tmpfile <<EOF +ls +quit +EOF + + USERNAME=gooduser + + cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/$USERNAME $CONFIGURATION < $tmpfile 2>&1' + eval echo "$cmd" + out=$(eval $cmd) + ret=$? + rm -f $tmpfile + + if [ $ret -ne 0 ] ; then + echo "$out" + echo "failed to connect error $ret" + return 1 + fi + + echo "$out" | grep 'Try "help" to get a list of possible commands.' + ret=$? + if [ $ret -ne 0 ] ; then + echo "$out" + echo 'failed - should get: Try "help" to get a list of possible commands.' + return 1 + fi + + return 0 +} + +test_eviluser_home() +{ + tmpfile=$PREFIX/smbclient_homes_eviluser_commands + cat > $tmpfile <<EOF +ls +quit +EOF + + USERNAME=eviluser + + cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/$USERNAME $CONFIGURATION < $tmpfile 2>&1' + eval echo "$cmd" + out=$(eval $cmd) + ret=$? + rm -f $tmpfile + + if [ $ret -ne 1 ] ; then + echo "$out" + echo "The server should reject connecting ret=$ret" + return 1 + fi + + echo "$out" | grep 'NT_STATUS_BAD_NETWORK_NAME' + ret=$? + if [ $ret -ne 0 ] ; then + echo "$out" + echo 'failed - should get: NT_STATUS_BAD_NETWORK_NAME.' + return 1 + fi + + return 0 +} + +test_slashuser_home() +{ + tmpfile=$PREFIX/smbclient_homes_slashuser_commands + cat > $tmpfile <<EOF +ls +quit +EOF + + USERNAME=slashuser + + cmd='CLI_FORCE_INTERACTIVE=yes $SMBCLIENT "$@" -U$USERNAME%$PASSWORD //$SERVER/$USERNAME $CONFIGURATION < $tmpfile 2>&1' + eval echo "$cmd" + out=$(eval $cmd) + ret=$? + rm -f $tmpfile + + if [ $ret -ne 1 ] ; then + echo "$out" + echo "The server should reject connecting ret=$ret" + return 1 + fi + + echo "$out" | grep 'NT_STATUS_BAD_NETWORK_NAME' + ret=$? + if [ $ret -ne 0 ] ; then + echo "$out" + echo 'failed - should get: NT_STATUS_BAD_NETWORK_NAME.' + return 1 + fi + + return 0 +} + +testit "test gooduser home" \ + test_gooduser_home || \ + failed=`expr $failed + 1` + +testit "test eviluser home reject" \ + test_eviluser_home || \ + failed=`expr $failed + 1` + +testit "test slashuser home reject" \ + test_slashuser_home || \ + failed=`expr $failed + 1` + +testok $0 $failed diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py index f30b03ce990..065a41899e8 100755 --- a/source3/selftest/tests.py +++ b/source3/selftest/tests.py @@ -326,6 +326,7 @@ for env in ["fileserver"]: plantestsuite("samba3.blackbox.large_acl.NT1", env, [os.path.join(samba3srcdir, "script/tests/test_large_acl.sh"), '$SERVER', '$USERNAME', '$PASSWORD', smbclient3, smbcacls, '-m', 'NT1']) plantestsuite("samba3.blackbox.large_acl.SMB3", env, [os.path.join(samba3srcdir, "script/tests/test_large_acl.sh"), '$SERVER', '$USERNAME', '$PASSWORD', smbclient3, smbcacls, '-m', 'SMB3']) plantestsuite("samba3.blackbox.give_owner", env, [os.path.join(samba3srcdir, "script/tests/test_give_owner.sh"), '$SERVER', '$SERVER_IP', '$USERNAME', '$PASSWORD', '$PREFIX', smbclient3, smbcacls, net, 'tmp']) + plantestsuite("samba3.blackbox.homes", env, [os.path.join(samba3srcdir, "script/tests/test_homes.sh"), '$SERVER', '$USERNAME', '$PASSWORD', '$LOCAL_PATH', '$PREFIX', smbclient3, configuration]) # # tar command tests diff --git a/source3/smbd/password.c b/source3/smbd/password.c index f472bda2c70..0576d2563eb 100644 --- a/source3/smbd/password.c +++ b/source3/smbd/password.c @@ -129,6 +129,13 @@ int register_homes_share(const char *username) return -1; } + if (strequal(pwd->pw_dir, "/")) { + DBG_NOTICE("Invalid home directory defined for user '%s'\n", + username); + TALLOC_FREE(pwd); + return -1; + } + DEBUG(3, ("Adding homes service for user '%s' using home directory: " "'%s'\n", username, pwd->pw_dir)); -- Samba Shared Repository