This patch fixes some typos with ACL checking that results
in the incorrect name being used for the check.
This could lead to security problems with unwanted
access by restricted consoles.
Apply the patch to 1.36.1 with:
cd <bacula-source>
patch -p0 <1.36.1-acl.patch
make
...
Index: src/dird/ua_run.c
===================================================================
RCS file: /cvsroot/bacula/bacula/src/dird/ua_run.c,v
retrieving revision 1.58
diff -u -r1.58 ua_run.c
--- src/dird/ua_run.c 8 Nov 2004 21:12:12 -0000 1.58
+++ src/dird/ua_run.c 30 Jan 2005 16:41:09 -0000
@@ -325,12 +330,13 @@
pool = job->pool; /* use default */
}
if (!pool) {
- return 1;
- } else if (!acl_access_ok(ua, Pool_ACL, store->hdr.name)) {
+ return 0;
+ } else if (!acl_access_ok(ua, Pool_ACL, pool->hdr.name)) {
bsendmsg(ua, _("No authorization. Pool \"%s\".\n"),
pool->hdr.name);
- return 1;
+ return 0;
}
+ Dmsg1(200, "Using pool\n", pool->hdr.name);
if (client_name) {
client = (CLIENT *)GetResWithName(R_CLIENT, client_name);
@@ -344,12 +350,13 @@
client = job->client; /* use default */
}
if (!client) {
- return 1;
- } else if (!acl_access_ok(ua, Client_ACL, store->hdr.name)) {
+ return 0;
+ } else if (!acl_access_ok(ua, Client_ACL, client->hdr.name)) {
bsendmsg(ua, _("No authorization. Client \"%s\".\n"),
client->hdr.name);
- return 1;
+ return 0;
}
+ Dmsg1(200, "Using client=%s\n", client->hdr.name);
if (fileset_name) {
fileset = (FILESET *)GetResWithName(R_FILESET, fileset_name);
@@ -361,11 +368,11 @@
fileset = job->fileset; /* use default */
}
if (!fileset) {
- return 1;
- } else if (!acl_access_ok(ua, FileSet_ACL, store->hdr.name)) {
+ return 0;
+ } else if (!acl_access_ok(ua, FileSet_ACL, fileset->hdr.name)) {
bsendmsg(ua, _("No authorization. FileSet \"%s\".\n"),
fileset->hdr.name);
- return 1;
+ return 0;
}
if (verify_job_name) {
syntax highlighted by Code2HTML, v. 0.9.1