Samba 2.2.0a and Samba 2.0.10 security bugfixes released.

John E. Malmberg malmberg at Encompasserve.org
Wed Jun 27 21:25:52 GMT 2001


Could some one fix either the webservers or the HTML pages for the
SAMBA home pages?

The links to the files of the .diffs.gz are set with meta-tags saying that
they are plain text files, and not application octet streams as they
should be.  This makes it impossible to use them on browsers like
NETSCAPE that actually use the meta-tags instead of the file extension of
.gz.

The .tar.gz file links work correctly to allow downloads.  Just the
.diff.gz ones are broken.

Of course this may only be on the U.S. Mirrors, such as
http://us1.samba.org/samba/samba.html

On Sat, 23 Jun 2001, Jeremy Allison wrote:

> New releases of Samba to fix the security hole described at :
> 
> http://samba.org/samba/whatsnew/macroexploit.html

Small correction, OpenVMS ports are not easily vulnerable with the tools
that users have readily available or common knowlege of.


It would appear that the true fix for these exploits are:

1. Do not allow non-privileged users write access to /var/log/*

I do not know if this can be done with the UNIX security model.  It is
not difficult with ACLs.

2. When opening a file with SETUID/SETEUID as root privileges on behalf of
   a user request, make sure that the user really has the access
   requested.

-John
wb8tyw at qsl.network
Personal Opinion Only





More information about the samba-technical mailing list