| commit | 3d9e22f284e2988c6ba78b11dac02d208baf2d00 | |
| author | Jeff Layton <jlayton@redhat.com> | |
| Wed, 14 Oct 2009 15:06:21 +0000 (14 11:06 -0400) | ||
| committer | Karolin Seeger <kseeger@samba.org> | |
| Wed, 13 Jan 2010 13:00:51 +0000 (13 14:00 +0100) | ||
| tree | 4a52f4f77db3db2b362b48815b8ee797445aeff3 | treesnapshot (tar.gz zip) |
| parent | 157cc06bbdcfca861e2bf30a0532d6060cd82265 | commitdiff |
cifs.upcall: make using ip address conditional on new option
Igor Mammedov pointed out that reverse resolving an IP address to get
the hostname portion of a principal could open a possible attack
vector. If an attacker were to gain control of DNS, then he could
redirect the mount to a server of his choosing, and fix the reverse
resolution to point to a hostname of his choosing (one where he has
the key for the corresponding cifs/ or host/ principal).
That said, we often trust DNS for other reasons and it can be useful
to do so. Make the code that allows trusting DNS to be enabled by
adding --trust-dns to the cifs.upcall invocation.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 6aa0f05509ec1b8578021051f83627f4ca296ef8)
Igor Mammedov pointed out that reverse resolving an IP address to get
the hostname portion of a principal could open a possible attack
vector. If an attacker were to gain control of DNS, then he could
redirect the mount to a server of his choosing, and fix the reverse
resolution to point to a hostname of his choosing (one where he has
the key for the corresponding cifs/ or host/ principal).
That said, we often trust DNS for other reasons and it can be useful
to do so. Make the code that allows trusting DNS to be enabled by
adding --trust-dns to the cifs.upcall invocation.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
(cherry picked from commit 6aa0f05509ec1b8578021051f83627f4ca296ef8)
| docs-xml/manpages-3/cifs.upcall.8.xml | diffblobblamehistory | |
| source/client/cifs.upcall.c | diffblobblamehistory |