
Re: Serious security hole in Samba



Hi,

At 11:52 AM 9/29/97 +0200, joost witteveen wrote:

>I've uploaded a libc5 samba version yesterday, that should make its
>way to bo-fixed quickly.

Great! Did you fix the bug in the prerm that causes it to fail
(start-stop-daemon has to be run with the --oknodo flag)?

>Libc6? But libpam etc aren't libc6 yet. How did you make samba libc6 then?

Samba is dynamically linked against libpam, so the Samba maintainer can
really upload a libc6 version of Samba with no problems, no matter whether
libpam is linked against libc5 or libc6.

As an example, these are the dependencies for both nmbd and smbd:

bestia:~# ldd `which nmbd smbd`
/usr/sbin/nmbd:
        libnsl.so.1 => /lib/libnsl.so.1 (0x4000d000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x40012000)
        libdl.so.2 => /lib/libdl.so.2 (0x4003f000)
        libpam.so.0 => /usr/lib/libpam.so.0 (0x40042000)
        libc.so.6 => /lib/libc.so.6 (0x40048000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
/usr/sbin/smbd:
        libnsl.so.1 => /lib/libnsl.so.1 (0x4000d000)
        libcrypt.so.1 => /lib/libcrypt.so.1 (0x40012000)
        libdl.so.2 => /lib/libdl.so.2 (0x4003f000)
        libpam.so.0 => /usr/lib/libpam.so.0 (0x40042000)
        libc.so.6 => /lib/libc.so.6 (0x40048000)
        /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)

As you see, there are no libc5 dependencies, just libc6. You can also see
the libpam dependencies. These programs come from my Debian package for
Samba 1.9.17p2 linked against libc6 and are running just fine in a libc6
system (both libc5 and libc6, actually).

>And about compiling samba libc6: All I had to do was change a few includes,
>and it compiled fine. It just didn't link, so I gave up making a libc6
>package.

Right, all that is needed is to modify source/includes.h and the Makefile.
I sent my patches to the Samba team and now they are incorporated in the
last official release (1.9.17p2).

Why do you say it didn't link? It should link just fine, provided you set
the right libraries in the Makefile (in debian/rules for a Debian package,
actually). You have to use "LIBSM=-lnsl -lcrypt" for the link to succeed.

Let me know if I can be of any help.

Regards,

E.-


--

Eloy A. Paris
Information Technology Department
Rockwell Automation de Venezuela
Telephone: +58-2-9432311 Fax: +58-2-9431645 Cel.: +58-16-234700

"Where does this path lead?" said Alice
"Depends on where you want to go."  Said the cat
("Alice in Wonderland", by Lewis Carroll.)

