Testing of Security vulnerability
John E. Malmberg
malmberg at Encompasserve.org
Wed Apr 25 21:02:01 GMT 2001
Regarding the fix in the 2.0.8 / 2.2.0 release.
I need someone to send me privately either the instructions to test
SAMBA on OpenVMS for the security vulnerability, or to confirm, based on
the following, that SAMBA on the OpenVMS platform is not vulnerable.
1. OpenVMS does not implement SYMBOLIC LINKS in any shipping release.
2. OpenVMS does not allow raw access to any file structured device via
any of the syscalls used by SAMBA unless the System Administrator has
made a strange change to the SAMBA startup scripts. And even if this
strange change was made, I have not found any code paths that allow
the corruption of the file data.
3. Because of the way /tmp is handled by SAMBA on OpenVMS, it is not really
likely that creative relative path "../../" stuff will result in
anything other than an error return.
It is unlikely that I will be able to build an updated release for a
while, so it would be nice to establish the risk for the OpenVMS platform
for the existing SAMBA 1.19.x, 2.0.3, and 2.0.6 releases.
Regards,
-John
Malmberg at encompasserve.organization
wb8tyw at qsl.network
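The post's points 1 and 3 concern symbolic links and "../../" relative paths as the ingredients of the vulnerability being discussed. The following is an added example, not code from the post or from Samba, showing the kind of server-side path confinement check a defender would want before a client-supplied relative path is combined with a share root: it rejects absolute paths and any ".." component. The function name `path_is_confined` and the sample inputs are this example's own assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example (not Samba code): return true only if a client-supplied
 * relative path stays inside the share root. It rejects NULL, absolute
 * paths, and any path component that is exactly "..". A component such
 * as "a..b" is allowed because it is an ordinary file name. */
bool path_is_confined(const char *path)
{
    if (path == NULL || path[0] == '/')
        return false;               /* absolute path: not relative to the share */

    const char *p = path;
    while (*p != '\0') {
        const char *end = strchr(p, '/');
        size_t len = end ? (size_t)(end - p) : strlen(p);

        /* A component of exactly ".." would climb out of the share root. */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;

        if (end == NULL)
            break;                  /* last component examined */
        p = end + 1;                /* skip the separator */
    }
    return true;
}

int main(void)
{
    /* Constructed sample inputs for illustration. */
    const char *samples[] = {
        "docs/readme.txt",          /* confined */
        "../../etc/passwd",         /* traversal: rejected */
        "docs/../../secret",        /* traversal in the middle: rejected */
        "/tmp/outside",             /* absolute: rejected */
        "a..b/c",                   /* dots inside a name: confined */
    };
    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++)
        printf("%-24s -> %s\n", samples[i],
               path_is_confined(samples[i]) ? "confined" : "rejected");
    return 0;
}
```

The check is deliberately only about the path string; whether the resolved file is a symbolic link pointing outside the share is a separate question that must be answered at open time (for example with `lstat` on each component), which is exactly why point 1 above matters on a platform with no symbolic links.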