[Samba] Cannot remove symlink with missing target
Jeremy Allison
jra at samba.org
Wed Jan 6 20:23:36 UTC 2016
On Wed, Jan 06, 2016 at 09:00:30PM +0100, Andreas Maier wrote:
> Am 06.01.2016 um 20:35 schrieb Jeremy Allison:
> >On Wed, Jan 06, 2016 at 08:33:12PM +0100, Andreas Maier wrote:
> >>
> >>Jeremy,
> >>I checked the WHATSNEW.txt file of 4.3.3 and 4.1.22, but could not
> >>find anything that is related to this behavior.
> >No, it's a security release only.
> >
> >>There is a fix for CVE-2015-5252 (Insufficient symlink verification
> >>in smbd), could that be the solution to the
> >>cannot-delete-broken-symlink behavior in addition?
> >No, that wasn't a security bug and wasn't what was fixed.
> >The bug you're having was already fixed in 4.3.x. Go to
> >bugzilla.samba.org and search for bugs with 'symlink'
> >in the title. You should be able to find the one
> >which will give you the date and version number
> >containing the fix.
>
> Jeremy,
> The only bug I was able to match with the observed behavior is this:
>
> https://bugzilla.samba.org/show_bug.cgi?id=9492
> "unable to POSIX delete symlinks that don't have a valid target"
>
> Its status says "NEW". Also, the WHATSNEW.txt files of 4.1.18, 4.3.3
> and 4.1.22 do not mention that bug, and searching the commit log for
> "9492" gives no bug with that number.
>
> Is this the bug you are remembering?
> Is it possible that the solution to that bug was not included yet?
No, more like these (closed) bugs:
https://bugzilla.samba.org/show_bug.cgi?id=10429
https://bugzilla.samba.org/show_bug.cgi?id=8663
https://bugzilla.samba.org/show_bug.cgi?id=7234
We do have a regression test, test_bad_symlink()
for this (which we must pass for any code to get
into the tree).
More information about the samba
mailing list