Claimed Zero Day exploit in Samba.

Jeremy Allison jra at samba.org
Sat Feb 6 18:38:51 MST 2010


On Sat, Feb 06, 2010 at 03:58:28PM -0500, David Collier-Brown wrote:
> 
> Hard links created by people with shell accounts will
> 1) appear to be inside the user's share
> 2) refer to something that is elsewhere
> 
> $ ln /etc/passwd
> $  ls -l ./passwd
> -rw-r--r-- 2 root root 1759 2009-11-13 10:16 ./passwd
> $ head -2 ./passwd
> root:!!:0:0:root:/root:/bin/bash
> bin:*:1:1:bin:/bin:/sbin/nologin
> $
> 
> In general, the impedance mismatch here is both considerable and
> hard to fix, as the concept of "outside your share" means "somewhere
> else" in the Unix world: it isn't a concept that exists outside of a jail...

The Samba unix extensions implementation of hard links
prevents any links outside the exported share path, so
this isn't an issue for us.

Jeremy.
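
An added illustration of the two points in this exchange, in Python; it is not Samba's code and not from either poster. `checked_link` sketches a server-side confinement check for hard-link requests, and `audit_outside_links` finds files in a share whose inode also has a name elsewhere, as with the locally created link in the quoted session. All function names and the sample tree are hypothetical.

```python
import os
import stat
import tempfile
from collections import defaultdict

def within_share(share_root, path):
    """True if path, with symlinks resolved, lies under share_root."""
    root = os.path.realpath(share_root)
    return os.path.commonpath([root, os.path.realpath(path)]) == root

def checked_link(share_root, src, dst):
    """Create hard link dst -> src only if both names stay inside the share."""
    # dst does not exist yet, so its parent directory is what gets checked.
    if not (within_share(share_root, src)
            and within_share(share_root, os.path.dirname(dst))):
        raise PermissionError("hard link would cross the share boundary")
    os.link(src, dst)

def audit_outside_links(share_root):
    """List files in the share whose inode also has a name outside it."""
    seen = defaultdict(list)
    for dirpath, _dirs, files in os.walk(share_root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)
            if stat.S_ISREG(st.st_mode) and st.st_nlink > 1:
                seen[(st.st_dev, st.st_ino)].append((path, st.st_nlink))
    # Fewer names inside the share than st_nlink: another name lives elsewhere.
    return sorted(path for entries in seen.values()
                  if len(entries) < entries[0][1] for path, _ in entries)

def demo():
    """Constructed sample tree: a share directory and one file outside it."""
    base = tempfile.mkdtemp()
    share = os.path.join(base, "share")
    os.mkdir(share)
    outside = os.path.join(base, "outside.txt")
    inside = os.path.join(share, "notes.txt")
    for p in (outside, inside):
        with open(p, "w") as f:
            f.write("constructed sample\n")
    os.link(outside, os.path.join(share, "passwd"))  # made locally, as in the quoted session
    checked_link(share, inside, os.path.join(share, "notes2.txt"))
    try:
        checked_link(share, outside, os.path.join(share, "leak"))
        refused = False
    except PermissionError:
        refused = True
    return refused, [os.path.basename(p) for p in audit_outside_links(share)]
```

The check-then-link sequence in this sketch is racy against concurrent renames or symlink swaps, so a file server would need to close that window as well. The audit only sees names inside the tree it walks, so it reports that another name exists, not where it is.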


More information about the samba-technical mailing list