CVE-2018-10919 tests: Add tests for guessing confidential attributes
commit 10a2c8da54adc85a9d567e8b805a2cce16893d9e
author Tim Beale <timbeale@catalyst.net.nz>
Mon, 9 Jul 2018 03:57:59 +0000 (9 15:57 +1200)
committer Stefan Metzmacher <metze@samba.org>
Tue, 14 Aug 2018 15:42:12 +0000 (14 17:42 +0200)
tree 29457d5871b2794fbaaf6aa0e649b7de481c2ba2
parent 17b7206a6d1399185a3b1d90aba5f2e26a9e7236
CVE-2018-10919 tests: Add tests for guessing confidential attributes

Adds tests that assert that a confidential attribute cannot be guessed
by an unprivileged user through wildcard DB searches.

The tests basically consist of a set of DB searches/assertions that
get run for:
- basic searches against a confidential attribute
- confidential attributes that get overridden by giving access to the
  user via an ACE (run against a variety of ACEs)
- protecting a non-confidential attribute via an ACL that denies read access
  (run against a variety of ACEs)
- querying confidential attributes via the dirsync controls

These tests all pass when run against a Windows DC and all fail against
a Samba DC.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=13434

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
selftest/knownfail.d/confidential_attr [new file with mode: 0644]
source4/dsdb/tests/python/confidential_attr.py [new file with mode: 0755]
source4/selftest/tests.py
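The property the new tests check is that a search filter referencing an attribute the requester may not read must not influence which entries come back; otherwise a wildcard filter such as `(attr=a*)` lets an unprivileged user learn the hidden value one prefix at a time. The following is an added toy model written for this page, not Samba's code or its test suite: `ENTRIES`, `CONFIDENTIAL_ATTRS`, `can_read` and the two `search_*` functions are all constructed here. `search_vulnerable` shows the flawed evaluation order (match on the stored value, then strip unreadable attributes from the output), and `search_hardened` shows the fix, where a clause on an unreadable attribute evaluates to Undefined (RFC 4511 filter semantics) and so never selects an entry.

```python
"""Toy LDAP-style search with per-attribute read access (added example).

Models the behaviour asserted by the confidential-attribute tests: the
set of returned entries must not depend on the value of an attribute the
requester is not allowed to read. Directory contents, the access rule
and the filter grammar are constructed for this example.
"""
import fnmatch
import re

# Constructed sample directory: two users, one confidential attribute.
CONFIDENTIAL_ATTRS = {"secretValue"}
ENTRIES = {
    "cn=alice,ou=users,dc=example,dc=com": {"cn": "alice", "secretValue": "s3cret-abc"},
    "cn=bob,ou=users,dc=example,dc=com": {"cn": "bob", "secretValue": "s3cret-xyz"},
}


def can_read(requester: str, attr: str) -> bool:
    """Assumed access rule: 'admin' reads everything, everyone else is
    denied read access to confidential attributes."""
    return requester == "admin" or attr not in CONFIDENTIAL_ATTRS


def parse_filter(flt: str) -> tuple[str, str]:
    """Accept only a single equality/substring clause: '(attr=pattern)'."""
    m = re.fullmatch(r"\((\w+)=([^()]*)\)", flt)
    if not m:
        raise ValueError(f"unsupported filter: {flt!r}")
    return m.group(1), m.group(2)


def match_clause(value: str, pattern: str) -> bool:
    """LDAP-like matching: '*' is a wildcard, comparison is case-insensitive."""
    return fnmatch.fnmatchcase(value.lower(), pattern.lower())


def visible_attrs(requester: str, entry: dict) -> dict:
    """Strip attributes the requester may not read from a returned entry."""
    return {a: v for a, v in entry.items() if can_read(requester, a)}


def search_vulnerable(requester: str, flt: str) -> dict:
    """Flawed order: evaluate the filter against the real stored value, then
    hide the attribute in the output. The attribute never appears in the
    result, but whether an entry is returned at all reveals whether the
    pattern matched, which is the leak the tests are guarding against."""
    attr, pattern = parse_filter(flt)
    results = {}
    for dn, entry in ENTRIES.items():
        if attr in entry and match_clause(entry[attr], pattern):
            results[dn] = visible_attrs(requester, entry)
    return results


def search_hardened(requester: str, flt: str) -> dict:
    """Correct order: a clause on an attribute the requester cannot read is
    Undefined and selects nothing, regardless of the stored value. Entries
    are still selected normally by readable attributes, and privileged
    requesters are unaffected."""
    attr, pattern = parse_filter(flt)
    results = {}
    if not can_read(requester, attr):
        return results  # Undefined clause: no entry is returned
    for dn, entry in ENTRIES.items():
        if attr in entry and match_clause(entry[attr], pattern):
            results[dn] = visible_attrs(requester, entry)
    return results


if __name__ == "__main__":
    probe = "(secretValue=s3cret-a*)"
    print("vulnerable:", sorted(search_vulnerable("unpriv", probe)))
    print("hardened:  ", sorted(search_hardened("unpriv", probe)))
```

Run stand-alone, the vulnerable search returns alice's DN for the prefix probe even though `secretValue` itself is withheld, while the hardened search returns nothing; the same hardened function still answers `(cn=a*)` for the unprivileged user and the full probe for `admin`, which is the split the commit's test cases (basic search, ACE overrides, deny-read ACL) exercise.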