List: samba-technical
Subject: re: Claimed Zero Day exploit in Samba.
From: Michael Gilbert <michael.s.gilbert () gmail ! com>
Date: 2010-02-05 20:09:06
Message-ID: 20100205150906.9dc94213.michael.s.gilbert () gmail ! com
Jeremy Allison wrote:
> As an example, given a share definition:
>
> [tmp]
> path = /tmp
> read only = no
> guest ok = yes
>
> The administrator could add a symlink:
>
> $ ln -s /etc/passwd /tmp/passwd
>
> and SMB/CIFS clients would then see a file called "passwd"
> within the [tmp] share that could be read and would allow
> clients to read /etc/passwd.
[...]
> All future versions of Samba will have the parameter
> "wide links" set to "no" by default, and the manual
> pages will be updated to explain this issue.
While more secure (hardened) defaults are good, wouldn't it be more
effective to tackle the root cause of the problem? I.e., on the Samba
server side, detect attempts by remote users to create symlinks to
targets outside of their authorized shares and prevent that.
mike
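An illustration of the server-side check Mike proposes, added here as an example and not Samba's own code: before honouring a client's request to create a symlink inside a share, resolve where the link would land and refuse it if that is outside the share root. The share layout is constructed under a temporary directory (`tmp` standing in for `/tmp`, `etc` for `/etc`); paths are assumed to be absolute.

```python
"""Decide whether a requested symlink would resolve outside its share."""
import os
import tempfile


def resolves_inside_share(share_root: str, link_path: str, target: str) -> bool:
    """Return True if a symlink created at link_path -> target would stay
    inside share_root.

    target is the string the client supplies: absolute, or relative to the
    directory that will contain the link. Both the share root and the link's
    parent directory are canonicalised first, so that '..' components and
    symlinks that already exist inside the share cannot be used to step out.
    """
    root = os.path.realpath(share_root)
    link_dir = os.path.realpath(os.path.dirname(link_path))
    if not os.path.isabs(target):
        target = os.path.join(link_dir, target)
    # realpath resolves as much of the path as exists and keeps the rest,
    # so a target that does not exist yet is still checked correctly.
    resolved = os.path.realpath(target)
    return os.path.commonpath([root, resolved]) == root


def demo() -> dict:
    """Evaluate several constructed link requests against a temporary share."""
    base = tempfile.mkdtemp()
    share = os.path.join(base, "tmp")      # stands in for 'path = /tmp'
    os.makedirs(os.path.join(share, "sub"))
    outside = os.path.join(base, "etc")    # stands in for /etc
    os.makedirs(outside)
    open(os.path.join(outside, "passwd"), "w").close()
    # an already-present in-share link that points above the share root
    os.symlink(base, os.path.join(share, "up"))
    cases = {
        "absolute outside": (os.path.join(share, "passwd"), os.path.join(outside, "passwd")),
        "relative inside": (os.path.join(share, "sub", "link"), "../notes.txt"),
        "relative escape": (os.path.join(share, "sub", "link"), "../../etc/passwd"),
        "via existing link": (os.path.join(share, "x"), "up/etc/passwd"),
        "link dir is a link": (os.path.join(share, "up", "x"), "etc/passwd"),
    }
    return {name: resolves_inside_share(share, lp, t) for name, (lp, t) in cases.items()}


if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:20s} -> {'allow' if allowed else 'refuse'}")
```

Only the relative link that stays under the share is allowed; the other four requests, including the two that route through a symlink already present in the share, are refused.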