Claimed Zero Day exploit in Samba.

simo idra at
Sat Feb 6 12:31:29 MST 2010

On Sat, 2010-02-06 at 14:24 -0500, Michael Gilbert wrote:
> On Sat, 06 Feb 2010 14:12:38 -0500 simo wrote:
> > > It would be feature-complete for users and administrators to control whether a 
> > > remote user is trying to link outside his share because a user might want to 
> > > link a directory in his own share, and an administrator might want to link a 
> > > directory for users inside their shares.
> > 
> > Unfortunately it is not possible to have your cake and eat it too. If
> > you want unix extensions and you do not want to severely limit what can
> > be done with it, then you must allow to create any symbolic link.
> like i said before and concurred by Jeremy, the ideal (but potentially
> very complex) solution is to detect when remote users attempt to jump to
> a target outside of their authorized shares and prevent that.

You are describing the option "wide links = no" as far as I can
understand. Unless you mean to consider as "authorized", file system
areas that are exposed by other shares. In that case I'd say that is
indeed too complex to build something that will work correctly in all

> > Patch is here:
> >;a=commit;h=bd269443e311d96ef495a9db47d1b95eb83bb8f4
> good news!  thanks,
> mike


Simo Sorce
Samba Team GPL Compliance Officer <simo at>
Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list