Security issue with Scheduled (AT) jobs on NTworkstation and SAMBA
Jeremy Allison
jra at samba.org
Mon Apr 1 17:51:04 GMT 2002
On Mon, Apr 01, 2002 at 05:30:44PM -0500, kevin.k.sochacki at exxonmobil.com wrote:
> I use the Scheduler to run a process on a NT workstation that attaches to a
> SAMBA (SAMBA 2.0.6 on RH 6.2) share as a specific user (USER1), if another
> user (USER2) logs onto the system and the link is still established the
> other user (USER2) can access the first user's (USER1) data. The logged on
> user (USER2) does not have an account on the SAMBA server and shouldn't be
> able to access anything and this is true as long as the first user's
> (USER1) link is not established. If I do the same thing to a NT Server the
> logged-in user (USER2) is denied access to the data even though the link is
> established. This is a pretty serious security issue. Can anyone answer
> the following question or have any ideal how to close this rather large
> security hole?
>
> Is there a SAMBA configuration parameter that I'm not aware of that
> addresses this issue?
> or
> Is this a NT workstations issue?
> If it is a NT issue, why so if the problem does not occur with a NT Server?
>
> Attached is a simple example of a batch file, if run from the scheduler
> will duplicate the problem.
>
> (See attached file: link.bat)
>
> Currently the only work around I have is to use the '/persistent=no' and
> '/d' flags with 'net use' so the link is disconnected after the process is
> done. The intention is to update a database with data being collected from
> research instruments which could run for hours making it a huge security
> risk.
There was a bug with early versions of Samba 2.0 (and previous)
that allowed an open file by a privilaged user to be read by an
unprivilaged user on the same client machine.
I fixed this in the 2.0.x codebase (can't remember the exact
release, I can look this up from the CVS logs) - the original
bug was reported by Rational software (thanks to them). Let me
know if you really need to know what version of 2.0.x fixed
this problem.
This was definately fixed for 2.2.x and is not a current issue.
There are other security related problems with the code you are
running, I seriously suggest you upgrade.
Regards,
Jeremy Allison,
Samba Team.
More information about the samba-technical
mailing list