Claimed Zero Day exploit in Samba.

simo idra at samba.org
Fri Feb 5 14:47:33 MST 2010


On Fri, 2010-02-05 at 16:37 -0500, Michael Gilbert wrote:
> 
> the problem is that some users will need to set "wide links = yes",
> and
> will be forced to leave themselves vulnerable to this issue.

They can disable unix extensions in that case and users will not be able
to create symlinks at all from remote.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Principal Software Engineer at Red Hat, Inc. <simo at redhat.com>



More information about the samba-technical mailing list