Univention Bugzilla – Full Text Bug Listing |
Summary: | The windows explorer crashes, if the share security section will be accessed | ||
---|---|---|---|
Product: | UCS | Reporter: | Julia Bremer <bremer> |
Component: | Samba4 | Assignee: | Julia Bremer <bremer> |
Status: | CLOSED FIXED | QA Contact: | Jürn Brodersen <brodersen> |
Severity: | normal | ||
Priority: | P5 | CC: | best, botner, bremer, brodersen, grandjean, heidelberger, hotsummer55, markus.daehlmann, requate, scheinig, steuwer, stoeckigt, v.mayer, voelker |
Version: | UCS 4.4 | Flags: | bremer:
Patch_Available+
|
Target Milestone: | UCS 4.4-3-errata | ||
Hardware: | Other | ||
OS: | Linux | ||
URL: | https://help.univention.com/t/problem-the-windows-explorer-crashes-if-you-try-to-adjust-the-permission-on-the-security-tab/12478 | ||
See Also: | https://forge.univention.org/bugzilla/show_bug.cgi?id=53629 | ||
What kind of report is it?: | Bug Report | What type of bug is this?: | 5: Major Usability: Impairs usability in key scenarios |
Who will be affected by this bug?: | 1: Will affect a very few installed domains | How will those affected feel about the bug?: | 5: Blocking further progress on the daily work |
User Pain: | 0.143 | Enterprise Customer affected?: | Yes |
School Customer affected?: | Yes | ISV affected?: | |
Waiting Support: | Flags outvoted (downgraded) after PO Review: | ||
Ticket number: | Bug group (optional): | ||
Max CVSS v3 score: | |||
Bug Depends on: | 49747 | ||
Bug Blocks: | |||
Attachments: |
Mark all identifier authorities documented by ms as valid in samba
add all documented predefined domains |
Description
Julia Bremer
2019-12-05 10:30:27 CET
I guess we will see more of this with Windows 10 (Windows 7 EOL). E.g. the "app container SIDs" which have the "application package authority" prefix S-1-15 have been introduced with Windows 8 but seem to gain more widespread use now. Created attachment 10276 [details]
add all documented predefined domains
I updated the patch, so that the SIDs (S-1-22-1-0 ,S-1-22-2-0) are actually translated to their respective names (user root / group root).
Package: samba Version: 2:4.10.1-1A~4.4.0.202001130957 Branch: ucs_4.4-0 Scope: errata4.4-3 e133c683bc Bug #50601: Yaml Rebuild the package with the attached patch. For QA: Env: Ucs-Master with samba, a joined windows machine. Create share via umc with owner root:root. Open the share with the windows explorer and check that it does not crash and the Sids are evaluated to readable names. Check the other Sids by running: samba-tool ntacl get --as-sddl file1 output would be something like: O:S-1-22-1-0G:S-1-22-2-0D:(A;;0x001f019f;;;S-1-22-2-0)(A;;0x00120089;;;S-1-22-2-0)(A;;0x00120089;;;WD) behind O: is the owner Sid, behing G: is the group Sid. Change both occurences of these Sids to the Sids you want to test, e.g. samba-tool ntacl set "O:S-1-18G:S-1-18-3D:(A;;0x001f019f;;;S-1-18)(A;;0x00120089;;;S-1-18-3)(A;;0x00120089;;;WD)" file1 and run: net cache flush open the share on the security tab again on your windows machine and check that it doesn't crash. S-1-17 still triggered a crash. I fixed this in package 2:4.10.1-1A~4.4.0.202001131227 52d8f66d24 Bug #50601: Fix crash for S-1-17, yaml update What I tested: Windows Explorer doesn't crash any more -> OK SIDs are resolved in Windows Explorer -> OK YAML -> OK |