]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 28fae9c) | patch
CVE-2020-25717: s3:auth: no longer let check_account() autocreate local users
authorStefan Metzmacher <metze@samba.org>
Fri, 8 Oct 2021 16:08:20 +0000 (18:08 +0200)
committerJule Anger <janger@samba.org>
Tue, 9 Nov 2021 19:45:33 +0000 (19:45 +0000)
commitdd0423bfbbce2d9f1f8a62c21cf612e5c755b616
treeca17ff3ad815663c2b2c82a9ee0c01f0c615dd1ctree | snapshot
parent28fae9c2215698e465201b6ad27eb9eeb55c906acommit | diff
CVE-2020-25717: s3:auth: no longer let check_account() autocreate local users

So far we autocreated local user accounts based on just the
account_name (just ignoring any domain part).

This only happens via a possible 'add user script',
which is not typically defined on domain members
and on NT4 DCs local users already exist in the
local passdb anyway.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
source3/auth/auth_util.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git