CVE-2018-10919 tests: Add test case for object visibility with limited rights
authorTim Beale <timbeale@catalyst.net.nz>
Tue, 31 Jul 2018 02:14:20 +0000 (14:14 +1200)
committerKarolin Seeger <kseeger@samba.org>
Sat, 11 Aug 2018 06:16:01 +0000 (08:16 +0200)
commit03dba18bc99f5e37821bfde9c138b012e730d4c7
tree4a2ed774d6c1f9405d4042a9f09f9ba0ea4be8ef
parent77421f33f853aed254ed67a6541f86e4070c4128
CVE-2018-10919 tests: Add test case for object visibility with limited rights

Currently Samba is a bit disclosive with LDB_OP_PRESENT (i.e.
attribute=*) searches compared to Windows.

All the acl.py tests are based on objectClass=* searches, where Windows
will happily tell a user about objects they have List Contents rights,
but not Read Property rights for. However, if you change the attribute
being searched for, suddenly the objects are no longer visible on
Windows (whereas they are on Samba).

This is a problem, because Samba can tell you about which objects have
confidential attributes, which in itself could be disclosive.

This patch adds a acl.py test-case that highlights this behaviour. The
test passes against Windows but fails against Samba.

Signed-off-by: Tim Beale <timbeale@catalyst.net.nz>
selftest/knownfail.d/acl [new file with mode: 0644]
source4/dsdb/tests/python/acl.py