Bug 44494 - ucs-school-old-sharedirs should check for subordinate share directories
ucs-school-old-sharedirs should check for subordinate share directories
Status: NEW
Product: UCS@school
Classification: Unclassified
Component: Listener modules
UCS@school 4.4
Other Linux
: P5 normal (vote)
: ---
Assigned To: UCS@school maintainers
:
Depends on:
Blocks: 44495
  Show dependency treegraph
 
Reported: 2017-04-27 18:28 CEST by Arvid Requate
Modified: 2020-07-14 09:15 CEST (History)
3 users (show)

See Also:
What kind of report is it?: Feature Request
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2017041921000477
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Arvid Requate univentionstaff 2017-04-27 18:28:37 CEST
The ucs-school-old-sharedirs doesn't check if the share path of a removed share is containing other shares below it.

In the linked ticket a share has been created with backing path

 /home/school1/groups

and then, when the share has been removed again (because its directory ACLs blocked access to Marktplatz etc.), the remove-old-sharedirs.py listener moved the whole path to /home/backup/groups (as defined via ucsschool/listener/oldsharedir/targetdir). 15 seconds later nfs-kernel-server cried to syslog that a couple of export paths are missing. That's when your heart skips a beat.


And we should document this module. I guess pretty few people know about this feature, and even less realize the potential for DOS.

+++ This bug was initially created as a clone of Bug #18846 +++