Univention Bugzilla – Bug 56499
Normal users can access /var/univention-backup/samba
Last modified: 2023-11-01 14:58:12 CET
The permissions for /var/univention-backup/samba are not strict enough. By default that is not a problem, because UCS Samba/AD DCs are only accessible via ssh for "Domain Admins" but not for "Domain Users" by default. Yet, it's too easy for Administrators to shoot themselves in the foot this way.
e693391857 | Tighten access to /var/univention-backup/samba
Package: univention-samba4
Version: 9.0.13-7
Branch: ucs_5.0-0
Scope: errata5.0-4
OK:
root@master:~# ls -la /var/univention-backup/
total 16
drwxr-xr-x  4 root root 4096 ago 29 13:29 .
drwxr-xr-x 14 root root 4096 ago 29 12:25 ..
drwxr-xr-x  2 root root 4096 feb  3  2023 etc
drwx------  2 root root 4096 ago 15 16:00 samba
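The verification above checks the mode by eye. The following POSIX shell snippet is an added example, not part of the bug report or of the univention-samba4 package, that performs the same check mechanically: it confirms the backup directory is owned by root and carries no group/other permission bits (the drwx------ root root state the erratum establishes). Only the path /var/univention-backup/samba is taken from the bug; the function names and the expected-owner parameter are this example's own.

```shell
#!/bin/sh
# Added example: check that the Samba backup directory is root-owned and
# closed to group/other, i.e. "drwx------ root root" as shown after the fix.
# Function names and the optional expected-owner argument are assumptions of
# this example, not part of the Univention package.

# Return 0 if DIR is a directory whose group and other permission bits are all
# cleared (mode 0700 or stricter), else 1.
backup_dir_mode_ok() {
    dir=$1
    [ -d "$dir" ] || return 1
    # ls -ld prints e.g. "drwx------ 2 root root 4096 ..." ; field 1 is the mode string
    mode=$(ls -ld "$dir" | awk '{print $1}')
    # characters 5..10 of the mode string are the group and other rwx triplets
    rest=$(printf '%s' "$mode" | cut -c5-10)
    [ "$rest" = "------" ]
}

# Return 0 if DIR is owned by EXPECTED_OWNER (default: root), else 1.
backup_dir_owner_ok() {
    dir=$1
    expected=${2:-root}
    [ -d "$dir" ] || return 1
    # field 3 of ls -ld is the owner name
    owner=$(ls -ld "$dir" | awk '{print $3}')
    [ "$owner" = "$expected" ]
}

# Combined check for the path from the bug report; prints a verdict and
# returns 0 only when both ownership and mode are as expected.
check_samba_backup_dir() {
    dir=${1:-/var/univention-backup/samba}
    if backup_dir_mode_ok "$dir" && backup_dir_owner_ok "$dir" root; then
        echo "OK: $dir is root-owned and not accessible to group/other"
        return 0
    fi
    echo "FAIL: $dir is missing or has loose ownership/permissions:"
    ls -ld "$dir" 2>&1
    return 1
}
```

Source the file on a DC and run `check_samba_backup_dir` (or pass another path) to get an OK/FAIL verdict; a non-zero exit status makes it usable from a cron job or monitoring check. Note that a trailing `+` in the ls mode string signals a POSIX ACL; the check above only reads the classic mode bits, so on ACL-enabled paths `getfacl` is the authoritative view.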
<https://errata.software-univention.de/#/?erratum=5.0x794>
This is tracked as CVE-2023-44465.