git.samba.org / samba.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 4c1f1fe) | patch
CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour
authorAndrew Bartlett <abartlet@samba.org>
Tue, 8 Aug 2023 02:30:19 +0000 (14:30 +1200)
committerJule Anger <janger@samba.org>
Sun, 8 Oct 2023 20:06:23 +0000 (22:06 +0200)
commit4e5f060cdc3ca03cc1d6509ee9b9cdc0b24b5ca9
tree7516d1635ed14f5ac24fcb0fd52e77b912f98374tree
parent4c1f1fe39c6e75a377f46d2f9a60749244c1247acommit | diff
CVE-2023-4154 dsdb/tests: Add test for SEARCH_FLAG_RODC_ATTRIBUTE behaviour

SEARCH_FLAG_RODC_ATTRIBUTE should be like SEARCH_FLAG_CONFIDENTIAL,
but for DirSync and DRS replication.  Accounts with
GUID_DRS_GET_CHANGES rights should not be able to read this
attribute.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=15424

Signed-off-by: Andrew Bartlett <abartlet@samba.org>
source4/dsdb/tests/python/confidential_attr.py diff | blob | history
Samba Shared Repository