diff options
| author | Gary Lockyer <gary@catalyst.net.nz> | 2017-11-03 13:35:41 +1300 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2017-11-20 07:20:13 +0100 |
| commit | d11473b15df9f1688b6de387b822583f4045ac3d (patch) | |
| tree | 91474bd6d8d391f0f68730040fbd947e864aa508 /source3/include | |
| parent | 88bdecae0a152d8c07859d437d02116d1f18087f (diff) | |
| download | samba-d11473b15df9f1688b6de387b822583f4045ac3d.tar.gz | |
source3: remove sock_exec
Remove the sock_exec code which is no longer needed and additionally has been
used by exploit code.
This was originally test support code, the tests relying on the sock_exec
code have been removed.
Past exploits have used sock_exec as a proxy for system() matching a talloc
destructor prototype.
See for example:
Exploit for Samba vulnerabilty (CVE-2015-0240) at
https://gist.github.com/worawit/051e881fc94fe4a49295
and the Red Hat post at
https://access.redhat.com/blogs/766093/posts/1976553
Signed-off-by: Gary Lockyer <gary@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Garming Sam <garming@catalyst.net.nz>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Mon Nov 20 07:20:13 CET 2017 on sn-devel-144
Diffstat (limited to 'source3/include')
| -rw-r--r-- | source3/include/proto.h | 4 |
1 files changed, 0 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h index c86cd44c4fc..fa87407ff24 100644 --- a/source3/include/proto.h +++ b/source3/include/proto.h @@ -158,10 +158,6 @@ int smbrun_no_sanitize(const char *cmd, int *outfd, char * const *env); int smbrun(const char *cmd, int *outfd, char * const *env); int smbrunsecret(const char *cmd, const char *secret); -/* The following definitions come from lib/sock_exec.c */ - -int sock_exec(const char *prog); - /* The following definitions come from lib/substitute.c */ void free_local_machine_name(void); |