[Samba] Great article on Samba symlink fixes at Linux Weekly News !
Jeremy Allison
jra at samba.org
Sun Feb 13 22:05:31 UTC 2022
On Sun, Feb 13, 2022 at 01:00:17PM -0600, Patrick Goetz via samba wrote:
>I also don't quite understand the symlink vulnerability.
>
> open("/my/super/important/stuff")
>
>The concern is that this creates a race condition where someone could
>
> cd /my/super
> ln -s /your/nefarious/location ./important
>
>where /your/nefarious/location/ includes a stuff/ directory before the
>read or write is executed? How would this be possible given that
>/my/super/ already includes an important/ directory? Am I completely
>missing how this works?
cd /my/super
mv ./important ./important-orig
ln -s /your/nefarious/location ./important
More information about the samba
mailing list