git.samba.org - garming/samba-autobuild/.git/commit

author	Gary Lockyer <gary@catalyst.net.nz>
	Fri, 3 Nov 2017 00:35:41 +0000 (13:35 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 20 Nov 2017 06:20:13 +0000 (07:20 +0100)
commit	d11473b15df9f1688b6de387b822583f4045ac3d
tree	91474bd6d8d391f0f68730040fbd947e864aa508	tree
parent	88bdecae0a152d8c07859d437d02116d1f18087f	commit \| diff

source3: remove sock_exec

Remove the sock_exec code which is no longer needed and additionally has been
used by exploit code.

This was originally test support code, the tests relying on the sock_exec
code have been removed.

Past exploits have used sock_exec as a proxy for system() matching a talloc
destructor prototype.

See for example:
Exploit for Samba vulnerabilty (CVE-2015-0240) at
    https://gist.github.com/worawit/051e881fc94fe4a49295
    and the Red Hat post at
    https://access.redhat.com/blogs/766093/posts/1976553

Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 07:20:13 CET 2017 on sn-devel-144

docs-xml/manpages/smbclient.1.xml		diff \| blob \| history
source3/include/proto.h		diff \| blob \| history
source3/lib/sock_exec.c	[deleted file]	blob \| history
source3/libsmb/cliconnect.c		diff \| blob \| history
source3/wscript_build		diff \| blob \| history
testsuite/build_farm/basicsmb.fns		diff \| blob \| history