OpenAFS Master Repository branch, master, updated. openafs-devel-1_5_76-4793-ge63c257

Gerrit Code Review gerrit@openafs.org
Wed, 16 Mar 2016 11:06:02 -0400


The following commit has been merged in the master branch:
commit d853866c56a114616ecb68f06a914aaea0e5c7c7
Author: Jeffrey Altman <jaltman@your-file-system.com>
Date:   Wed Mar 9 20:38:10 2016 -0600

    OPENAFS-SA-2016-001 group creation by foreign users
    
    CVE-2016-2860:
    
    In AFS 3.3 as part of the addition of the cross-cell support for foreign
    user auto-registration a bug was introduced that permits foreign users
    to create arbitrary groups as if they were system administrators.  This
    permits the groups to be created without any group quota checks, and
    using group names that non-administrators would not normally be able to
    create, such as groups with the "system:" prefix or groups with no colon
    (that is, in the namespace for users).
    
    Additionally, all entries created using the auto-registration service
    were marked as being created by system:administrators.  This behavior
    should not be changed on the stable release branch, but for the next
    release the behavior will change to show these entries as being
    self-created, to better reflect reality.
    
    FIXES 132822
    
    [kaduk@mit.edu: reword commit message, minor style adjustments]
    
    Change-Id: I54ddca3e4e1339f76ed320f0d6c53d8820aed89c

 src/ptserver/ptprocs.c |   28 +++++++++++++++++++++-------
 src/ptserver/ptutils.c |   15 ++++++++++++---
 2 files changed, 33 insertions(+), 10 deletions(-)

-- 
OpenAFS Master Repository
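
The effect described in the commit message, as an added example that is not part of the original notification or of the OpenAFS source: a simplified C model in which a foreign caller is handled as an administrator and so skips the group-name and quota checks, beside the corrected form. All function, struct and constant names are hypothetical, and the `user@cell` naming of foreign users is an assumption.

```c
#include <stdio.h>
#include <string.h>

/* Simplified model; all names are hypothetical, not OpenAFS source. */
enum { M_OK, M_BADNAME, M_NOQUOTA };

struct caller {
    const char *name;  /* assumption: foreign users look like user@cell */
    int is_admin;      /* genuinely in system:administrators */
    int group_quota;   /* groups this caller may still create */
};

static int is_foreign(const struct caller *c) { return strchr(c->name, '@') != NULL; }

/* Shared creation logic: administrators skip name and quota checks. */
static int create_group(struct caller *c, const char *group, int as_admin)
{
    if (!as_admin) {
        if (strchr(group, ':') == NULL)         /* user namespace */
            return M_BADNAME;
        if (strncmp(group, "system:", 7) == 0)  /* reserved prefix */
            return M_BADNAME;
        if (c->group_quota <= 0)
            return M_NOQUOTA;
        c->group_quota--;
    }
    return M_OK;  /* the entry would be written here */
}

/* Before: a foreign caller is handled as if it were an administrator. */
static int create_group_before(struct caller *c, const char *group)
{
    return create_group(c, group, c->is_admin || is_foreign(c));
}

/* After: only the caller's real administrator status counts. */
static int create_group_after(struct caller *c, const char *group)
{
    return create_group(c, group, c->is_admin);
}

int main(void)
{
    struct caller f = { "bob@other.example", 0, 0 };  /* constructed */
    printf("before: %d\n", create_group_before(&f, "system:ops"));
    printf("after:  %d\n", create_group_after(&f, "system:ops"));
    return 0;
}
```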