Bug 61662 - [japanese/samba] broken support for password changing via CTRL-ALT-DEL on Windows client
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
Importance: Normal Affects Only Me
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2004-01-21 02:40 UTC by NAKAJI Hiroyuki
Modified: 2004-01-30 10:40 UTC

Attachments
file.diff (1.29 KB, patch)
2004-01-21 02:40 UTC, NAKAJI Hiroyuki

Description NAKAJI Hiroyuki 2004-01-21 02:40:07 UTC
	As reported in ports/60361 and ports/52859, japanese/samba
also has a problem that "users cannot change password from their
windows".
	This is because of the failure of setresgid() called from
lib/util_sec.c:restore_re_gid().
	The setresgid(2) says, "Unprivileged processes are restricted
in that each of the new IDs must match one of the current IDs." It
seems that this "Unprivileged process" is such a process whose
"effective uid or gid" is not zero.
	I checked every return value of setresgid() in
lib/util_sec.c:restore_re_gid(), and found that before smbd gets PANIC,
setresgid() fails with EPERM because it is called with both
non-zero effective uid and gid before restore_re_gid() is called.
	When getresgid() fails and results in an smbd panic, the
effective uid and gid are not 0 but the uid and gid of a user who
wants to change his or her password (or nobody).
	The patch posted in ports/60361 is not good because it does
not solve the problem and just does not see the 'security check
failed' problem. It may cause some other security problems.
	The Samba Users Group Japan (SUGJ) helped me very
much. Thanks.

	Note: Discussion on this topic in Japanese is available, see
http://www.samba.gr.jp/ml/article/samba-jp/msg15772.html and
http://www.samba.gr.jp/ml/article/sugj-tech/msg06065.html

Fix: A diff from ports-current. New patch file is added.
How-To-Repeat: 	Set up your Samba as PDC or password server, and then try to
change your password from your Windows client.
Comment 1 Sergei Kolobov freebsd_committer freebsd_triage 2004-01-21 09:21:45 UTC
Class Changed
From-To: sw-bug->maintainer-update

Accurate class
Comment 2 nakaji 2004-01-21 13:05:09 UTC
I misunderstood the word "Unprivileged".

I wrote,

            The setresgid(2) says, "Unprivileged processes are restricted
    in that each of the new IDs must match one of the current IDs." It
    seems that this "Unprivileged process" is such a process whose
    "effective uid or gid" is not zero.
                   ^^^^^^

but it is better to write

            The setresgid(2) says, "Unprivileged processes are restricted
    in that each of the new IDs must match one of the current IDs." It
    seems that this "Unprivileged process" is such a process whose
    "effective uid" is not zero.

Anyway, the reason for the problem that you cannot change your password
from Windows must be a bug in Samba itself, and I think the fix is
ok.

Thanks for fixing the wrong class, Sergei. I was hurrying too much.
-- 
NAKAJI Hiroyuki
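
The permission rule quoted in the description, with the correction from comment 2 that only the effective uid decides privilege, as a small C model (an added example, not Samba or FreeBSD code). The credential layout, the helper names and the uid/gid value 1001 are constructed for illustration.

```c
#include <errno.h>
#include <stdio.h>
#define KEEP (-1) /* like passing -1 to setresuid(2)/setresgid(2): leave unchanged */

/* Model only: each array holds {real, effective, saved}. */
struct cred { int uid[3], gid[3]; };

/* Unprivileged callers may only pick IDs matching a current one (setresgid(2)). */
static int set_res(int ids[3], const int want[3], int privileged) {
    for (int i = 0; i < 3; i++)
        if (!privileged && want[i] != KEEP && want[i] != ids[0] &&
            want[i] != ids[1] && want[i] != ids[2])
            return -EPERM;          /* nothing is changed on failure */
    for (int i = 0; i < 3; i++)
        if (want[i] != KEEP) ids[i] = want[i];
    return 0;
}

/* Privilege is decided by the effective uid alone (comment 2's correction). */
int model_setresuid(struct cred *c, int r, int e, int s) {
    int want[3] = {r, e, s};
    return set_res(c->uid, want, c->uid[1] == 0);
}

int model_setresgid(struct cred *c, int r, int e, int s) {
    int want[3] = {r, e, s};
    return set_res(c->gid, want, c->uid[1] == 0);
}

/* Constructed state: daemon acting as uid/gid 1001, saved uid 0, no gid 0 left. */
static const struct cred AS_USER = {{0, 1001, 0}, {1001, 1001, 1001}};

/* Restore gid 0 while the effective uid is still 1001. */
int restore_gid_first(void) {
    struct cred c = AS_USER;
    return model_setresgid(&c, 0, 0, 0);
}

/* Regain effective uid 0 from the saved uid, then restore gid 0. */
int restore_uid_first(void) {
    struct cred c = AS_USER;
    int rc = model_setresuid(&c, KEEP, 0, KEEP);
    return rc ? rc : model_setresgid(&c, 0, 0, 0);
}

int main(void) {
    printf("gid first: %d, uid first: %d\n", restore_gid_first(), restore_uid_first());
    return 0;
}
```

In this model the gid-first order returns -EPERM, while the uid-first order returns 0 even though the effective gid is still non-zero when setresgid is called.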
Comment 3 Munechika Sumikawa freebsd_committer freebsd_triage 2004-01-30 10:40:49 UTC
State Changed
From-To: open->closed

Committed, thanks.