37 lines
1.2 KiB
Diff
37 lines
1.2 KiB
Diff
From 885fe6e31b107b3a6362cde0785e6d886888e0ec Mon Sep 17 00:00:00 2001
|
|
From: Stefan Metzmacher <metze@samba.org>
|
|
Date: Fri, 8 Oct 2021 17:40:30 +0200
|
|
Subject: [PATCH 118/266] CVE-2020-25717: s3:auth: we should not try to
|
|
autocreate the guest account
|
|
|
|
We should avoid autocreation of users as much as possible.
|
|
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14801
|
|
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14556
|
|
|
|
Signed-off-by: Stefan Metzmacher <metze@samba.org>
|
|
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
|
|
---
|
|
source3/auth/user_krb5.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
Conflict:NA
|
|
Reference:https://git.samba.org/samba.git/?p=samba.git;a=patch;h=885fe6e31b107b3a6362cde0785e6d886888e0ec
|
|
|
|
diff --git a/source3/auth/user_krb5.c b/source3/auth/user_krb5.c
|
|
index 8998f9c8f8a..074e8c7eb71 100644
|
|
--- a/source3/auth/user_krb5.c
|
|
+++ b/source3/auth/user_krb5.c
|
|
@@ -155,7 +155,7 @@ NTSTATUS get_user_from_kerberos_info(TALLOC_CTX *mem_ctx,
|
|
if (!fuser) {
|
|
return NT_STATUS_NO_MEMORY;
|
|
}
|
|
- pw = smb_getpwnam(mem_ctx, fuser, &unixuser, true);
|
|
+ pw = smb_getpwnam(mem_ctx, fuser, &unixuser, false);
|
|
}
|
|
|
|
/* extra sanity check that the guest account is valid */
|
|
--
|
|
2.23.0
|
|
|