[SCM] Samba Shared Repository - branch master updated

Jeremy Allison jra at samba.org
Tue Sep 13 19:56:02 MDT 2011


The branch, master has been updated
       via  fbbfdbd Fix bug #8229 - git patch attached against 3.6.0-rc2 to fix 'widelinks' regression intro'd in 3.2
      from  84a4289 tdb_compat: change offset of CLEAR_IF_FIRST lock.

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit fbbfdbd64818252784e9ba2ab87af3a02bacde22
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Sep 13 16:42:09 2011 -0700

    Fix bug #8229 - git patch attached against 3.6.0-rc2 to fix 'widelinks' regression intro'd in 3.2
    
    Add "allow insecure widelinks" to re-enable the ability (requested
    by some sites) to have "widelinks = yes" and "unix extensions = yes".
    
    Based on an original patch by Linda Walsh <samba at tlinx.org>
    
    Autobuild-User: Jeremy Allison <jra at samba.org>
    Autobuild-Date: Wed Sep 14 03:55:45 CEST 2011 on sn-devel-104

-----------------------------------------------------------------------

Summary of changes:
 .../smbdotconf/misc/allowinsecurewidelinks.xml     |   37 ++++++++++++++++++++
 docs-xml/smbdotconf/misc/widelinks.xml             |    4 ++
 docs-xml/smbdotconf/protocol/unixextensions.xml    |    4 ++
 source3/include/proto.h                            |    1 +
 source3/param/loadparm.c                           |   22 +++++++++++-
 5 files changed, 67 insertions(+), 1 deletions(-)
 create mode 100644 docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml


Changeset truncated at 500 lines:

diff --git a/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml b/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml
new file mode 100644
index 0000000..a8a0991
--- /dev/null
+++ b/docs-xml/smbdotconf/misc/allowinsecurewidelinks.xml
@@ -0,0 +1,37 @@
+<samba:parameter name="allow insecure wide links"
+		context="G"
+		type="boolean"
+		xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
+<description>
+	<para>
+	In normal operation the option <smbconfoption name="wide links"/>
+	which allows the server to follow symlinks outside of a share path
+	is automatically disabled when <smbconfoption name="unix extensions"/>
+	are enabled on a Samba server. This is done for security purposes
+	to prevent UNIX clients creating symlinks to areas of the server
+	file system that the administrator does not wish to export.
+	</para>
+	<para>
+	Setting <smbconfoption name="allow insecure wide links"/> to
+	true disables the link between these two parameters, removing
+	this protection and allowing a site to configure
+	the server to follow symlinks (by setting <smbconfoption name="wide links"/>
+	to "true") even when <smbconfoption name="unix extensions"/>
+	is turned on.
+	</para>
+	<para>
+	If is not recommended to enable this option unless you
+	fully understand the implications of allowing the server to
+	follow symbolic links created by UNIX clients. For most
+	normal Samba configurations this would be considered a security
+	hole and setting this parameter is not recommended.
+	</para>
+	<para>
+	This option was added at the request of sites who had
+	deliberately set Samba up in this way and needed to continue
+	supporting this functionality without having to patch the
+	Samba code.
+	</para>
+</description>
+<value type="default">no</value>
+</samba:parameter>
diff --git a/docs-xml/smbdotconf/misc/widelinks.xml b/docs-xml/smbdotconf/misc/widelinks.xml
index 1c30bb7..da1374a 100644
--- a/docs-xml/smbdotconf/misc/widelinks.xml
+++ b/docs-xml/smbdotconf/misc/widelinks.xml
@@ -17,6 +17,10 @@
 	disabled (with a message in the log file) if the
 	<smbconfoption name="unix extensions"/> option is on.
 	</para>
+	<para>
+	See the parameter <smbconfoption name="allow insecure wide links"/>
+	if you wish to change this coupling between the two parameters.
+	</para>
 </description>
 
 <value type="default">no</value>
diff --git a/docs-xml/smbdotconf/protocol/unixextensions.xml b/docs-xml/smbdotconf/protocol/unixextensions.xml
index d816648..61a39cb 100644
--- a/docs-xml/smbdotconf/protocol/unixextensions.xml
+++ b/docs-xml/smbdotconf/protocol/unixextensions.xml
@@ -14,6 +14,10 @@
     Note if this parameter is turned on, the <smbconfoption name="wide links"/>
     parameter will automatically be disabled.
     </para>
+    <para>
+    See the parameter <smbconfoption name="allow insecure wide links"/>
+    if you wish to change this coupling between the two parameters.
+    </para>
 </description>
 
 <value type="default">yes</value>
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 47321f3..d3ea6fc 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -1473,6 +1473,7 @@ bool lp_oplocks(int );
 bool lp_level2_oplocks(int );
 bool lp_onlyuser(int );
 bool lp_manglednames(const struct share_params *p );
+bool lp_allow_insecure_widelinks(void);
 bool lp_widelinks(int );
 bool lp_symlinks(int );
 bool lp_syncalways(int );
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c
index 3b5c4df..01f6fa2 100644
--- a/source3/param/loadparm.c
+++ b/source3/param/loadparm.c
@@ -3900,6 +3900,15 @@ static struct parm_struct parm_table[] = {
 		.flags		= FLAG_ADVANCED | FLAG_SHARE,
 	},
 	{
+		.label		= "allow insecure wide links",
+		.type		= P_BOOL,
+		.p_class	= P_GLOBAL,
+		.offset		= GLOBAL_VAR(bAllowInsecureWidelinks),
+		.special	= NULL,
+		.enum_list	= NULL,
+		.flags		= FLAG_ADVANCED,
+	},
+	{
 		.label		= "wide links",
 		.type		= P_BOOL,
 		.p_class	= P_LOCAL,
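Review bot: The new `allow insecure wide links` entry is `P_GLOBAL` without `FLAG_SHARE`, while the `wide links` entry directly below it is `P_LOCAL`. One global setting therefore lifts the unix-extensions protection for every share that has `wide links = yes`, not only the share that needs it. If the global scope is deliberate, a comment above the entry would record that, for example `/* Global on purpose: turns off the wide links / unix extensions coupling for all shares. */`. A per-share parameter would limit the exposure to exports the administrator has reviewed, but `lp_allow_insecure_widelinks(void)` would then need to take a service number. The table continues on both sides of this hunk.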
@@ -5390,6 +5399,7 @@ FN_GLOBAL_INTEGER(lp_ctdb_timeout, ctdb_timeout)
 FN_GLOBAL_INTEGER(lp_ctdb_locktime_warn_threshold, ctdb_locktime_warn_threshold)
 FN_GLOBAL_BOOL(lp_async_smb_echo_handler, bAsyncSMBEchoHandler)
 FN_GLOBAL_BOOL(lp_multicast_dns_register, bMulticastDnsRegister)
+FN_GLOBAL_BOOL(lp_allow_insecure_widelinks, bAllowInsecureWidelinks)
 FN_GLOBAL_INTEGER(lp_winbind_cache_time, winbind_cache_time)
 FN_GLOBAL_INTEGER(lp_winbind_reconnect_delay, winbind_reconnect_delay)
 FN_GLOBAL_INTEGER(lp_winbind_max_clients, winbind_max_clients)
@@ -9637,6 +9647,10 @@ static bool lp_widelinks_internal(int snum)
 
 void widelinks_warning(int snum)
 {
+	if (lp_allow_insecure_widelinks()) {
+		return;
+	}
+
 	if (lp_unix_extensions() && lp_widelinks_internal(snum)) {
 		DEBUG(0,("Share '%s' has wide links and unix extensions enabled. "
 			"These parameters are incompatible. "
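Review bot: The early `return` added at the top of `widelinks_warning()` leaves no log record that a share is running with both options on and the protection switched off. Anyone auditing the server from its logs cannot tell this configuration from a safe one. Before returning, the override branch could test the same condition as the existing warning and log it at the same level, e.g. `DEBUG(0,("Share '%s' has wide links and unix extensions enabled and 'allow insecure wide links' is set.\n", ...));` with the share-name argument the existing message already passes. The rest of the function body lies outside this hunk, so the exact argument is not visible here.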
@@ -9649,7 +9663,13 @@ bool lp_widelinks(int snum)
 {
 	/* wide links is always incompatible with unix extensions */
 	if (lp_unix_extensions()) {
-		return false;
+		/*
+		 * Unless we have "allow insecure widelinks"
+		 * turned on.
+		 */
+		if (!lp_allow_insecure_widelinks()) {
+			return false;
+		}
 	}
 
 	return lp_widelinks_internal(snum);
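Review bot: The retained comment `/* wide links is always incompatible with unix extensions */` is no longer true, and the nested `if` with a second comment reads as a correction to it. A single guard states the rule once: `if (lp_unix_extensions() && !lp_allow_insecure_widelinks()) { return false; }`, under a comment such as `/* wide links is disabled under unix extensions unless "allow insecure wide links" is set */`. The new comment also spells the option "allow insecure widelinks", while the parm_table label is "allow insecure wide links". Searching the source for the smb.conf name will therefore miss this check. The function's closing brace is outside the hunk.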


-- 
Samba Shared Repository

