Don't expose passwords, even to the administrator.
authorAndrew Bartlett <abartlet@samba.org>
Mon, 8 Sep 2008 01:09:02 +0000 (11:09 +1000)
committerAndrew Bartlett <abartlet@samba.org>
Mon, 8 Sep 2008 01:09:02 +0000 (11:09 +1000)
This ensures they do not leak over LDAP, but it does not prevent access:
a local ldbsearch still bypasses these controls.

Andrew Bartlett

source/dsdb/samdb/ldb_modules/kludge_acl.c

index 2c01594722aad2871908ba697ddafe95bd9bc82f..bc998a835a9de7669a51a70174b164082fc5004b 100644 (file)
@@ -238,7 +238,6 @@ static int kludge_acl_callback(struct ldb_context *ldb, void *context, struct ld
        {
                switch (ac->user_type) {
                case SECURITY_SYSTEM:
-               case SECURITY_ADMINISTRATOR:
                        if (ac->allowedAttributesEffective) {
                                ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective");
                                if (ret != LDB_SUCCESS) {
@@ -252,6 +251,20 @@ static int kludge_acl_callback(struct ldb_context *ldb, void *context, struct ld
                                }
                        }
                        break;
+               case SECURITY_ADMINISTRATOR:
+                       if (ac->allowedAttributesEffective) {
+                               ret = kludge_acl_allowedAttributes(ldb, ares->message, "allowedAttributesEffective");
+                               if (ret != LDB_SUCCESS) {
+                                       return ret;
+                               }
+                       }
+                       if (ac->allowedChildClassesEffective) {
+                               ret = kludge_acl_childClasses(ldb, ares->message, "allowedChildClassesEffective");
+                               if (ret != LDB_SUCCESS) {
+                                       return ret;
+                               }
+                       }
+                       /* fall though */
                default:
                        /* remove password attributes */
                        for (i = 0; data->password_attrs[i]; i++) {
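Review bot: The new `case SECURITY_ADMINISTRATOR:` arm duplicates the `SECURITY_SYSTEM` arm above it line for line (the two `allowedAttributesEffective` / `allowedChildClassesEffective` blocks), and the only thing that distinguishes them is that the administrator arm falls into `default` so the password attributes are stripped; that intent is not stated anywhere in the code, so a later edit could easily re-merge the two labels and undo this fix. I would put the reason above the new label: `/* Administrators get the effective-rights attributes like SYSTEM, but fall into default so password attributes are removed; only SECURITY_SYSTEM keeps them (see kludge_acl_callback's default arm). */`. The fall-through marker `/* fall though */` is misspelled and should read `/* fall through */`, which is also the form fall-through warning heuristics expect. The same duplication concern applies to the first hunk, where the label was removed from the SYSTEM arm. kludge_acl_callback begins before this hunk and its `default` arm continues past it.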