]> git.ipfire.org Git - thirdparty/samba.git/commit
projects / thirdparty / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 6a8f03c) | patch
CVE-2020-25722 dsdb: Prohibit mismatch between UF_ account types and objectclass.
authorAndrew Bartlett <abartlet@samba.org>
Fri, 22 Oct 2021 03:07:46 +0000 (16:07 +1300)
committerJule Anger <janger@samba.org>
Tue, 9 Nov 2021 19:45:32 +0000 (19:45 +0000)
commita00c525a4e01342ee8b9ec8441994ad27bffb254
treef92ecc25e745f7e4f9d9a8ee086f3efa52999f1etree
parent6a8f03c52746bc5e55caf40d4a57838a84808269commit | diff
CVE-2020-25722 dsdb: Prohibit mismatch between UF_ account types and objectclass.

There are a lot of knownfail entries added with this commit.  These
all need to be addressed and removed in subsequent commits which
will restructure the tests to pass within this new reality.

The restriction is not applied to users with administrator rights,
as this breaks a lot of tests and provides no security benefit.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=14753

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Douglas Bagnall <douglas.bagnall@catalyst.net.nz>
selftest/knownfail.d/priv_attr diff | blob | blame | history
selftest/knownfail.d/uac_mod_lock diff | blob | blame | history
selftest/knownfail.d/uac_objectclass_restrict diff | blob | blame | history
source4/dsdb/samdb/ldb_modules/samldb.c diff | blob | blame | history
Mirror of https://github.com/samba-team/samba.git