git.ipfire.org Git - thirdparty/samba.git/commit
CVE-2020-25722: s4-acl: Make sure Control Access Rights honor the Applies-to attribute
author Nadezhda Ivanova <nivanova@symas.com>
Mon, 18 Oct 2021 11:27:59 +0000 (14:27 +0300)
committer Jule Anger <janger@samba.org>
Mon, 8 Nov 2021 09:52:11 +0000 (10:52 +0100)
commit ae9eb6c7d85deda7a20867eeecb8835defc1990a
tree c003cabdd35881a2eb4a03a5c88749e2d4fc5c33
parent 038767ae9c20884d2d3e871079e75ddb5cd849ee

Validate Writes and Control Access Rights only grant access if the
object is of the type listed in the Right's appliesTo attribute. For
example, even though a Validated-SPN access may be granted to a user
object in the SD, it should only pass if the object is of class
computer. This patch enforces the appliesTo attribute classes for
access checks from within the ldb stack.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14832

Signed-off-by: Nadezhda Ivanova <nivanova@symas.com>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
selftest/knownfail.d/bug-14832 [deleted file]
source4/dsdb/common/util.c
source4/dsdb/samdb/ldb_modules/acl.c
source4/dsdb/samdb/ldb_modules/acl_util.c
source4/dsdb/samdb/ldb_modules/dirsync.c
source4/dsdb/samdb/ldb_modules/samldb.c
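
The check described in the commit message, sketched as an added example (not code from the Samba patch): a grant in the SD passes only if the object's class is also listed in the right's appliesTo. The struct and function names, the trustee "alice" and the use of class names in place of schemaIDGUIDs are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Simplified model (assumption): appliesTo holds class names; AD stores
 * the classes' schemaIDGUIDs. All names and data below are constructed. */
struct car { const char *name; const char *applies_to[4]; };
struct ace { const char *trustee; const char *right; };

static const struct car validated_spn = { "Validated-SPN", { "computer", NULL } };

/* Check on the security descriptor alone: does any ACE grant the right? */
static bool sd_grants(const struct ace *sd, size_t n, const char *who,
                      const struct car *r)
{
    for (size_t i = 0; i < n; i++)
        if (strcmp(sd[i].trustee, who) == 0 && strcmp(sd[i].right, r->name) == 0)
            return true;
    return false;
}

/* Is the object's class one of those listed in the right's appliesTo? */
static bool applies_to_class(const struct car *r, const char *object_class)
{
    for (size_t i = 0; i < 4 && r->applies_to[i] != NULL; i++)
        if (strcmp(r->applies_to[i], object_class) == 0)
            return true;
    return false;
}

/* Access passes only when the SD grants the right AND the class matches. */
static bool check_right(const struct ace *sd, size_t n, const char *who,
                        const struct car *r, const char *object_class)
{
    return applies_to_class(r, object_class) && sd_grants(sd, n, who, r);
}

int main(void)
{
    const struct ace sd[] = { { "alice", "Validated-SPN" } };
    printf("user object:     sd-only=%d with-appliesTo=%d\n",
           sd_grants(sd, 1, "alice", &validated_spn),
           check_right(sd, 1, "alice", &validated_spn, "user"));
    printf("computer object: with-appliesTo=%d\n",
           check_right(sd, 1, "alice", &validated_spn, "computer"));
    return 0;
}
```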