Claimed Zero Day exploit in Samba.
jra at samba.org
Sat Feb 6 18:44:16 MST 2010
On Sat, Feb 06, 2010 at 02:29:29PM -0500, Michael Gilbert wrote:
> i've got a sinking feeling that symlinks are not the only way to
> achieve this goal. i guess we'll see whether we get a new disclosure
> on that sometime soon.
I'm pretty sure they *were* the only way. I don't think you
appreciate how much effort over the years in Samba has gone
into making sure people can't send paths that get resolved
out of the share definition. Symlinks really were a special
case as they can't be processed through any of the normal
path restriction code when being set.
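
The distinction drawn in the reply above, as an added example that is not part of the original post and is not Samba's code: a lexical check on the name a client sends accepts a symlink that sits inside the share, because the link target is stored data the OS follows later, while a check made after resolution (`realpath`) sees where the path ends up. The function names and the temporary directory layout are constructed for illustration.

```c
#define _XOPEN_SOURCE 700  /* for realpath, mkdtemp, symlink */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Lexical check on the client-supplied name: relative, no ".." component. */
int lexical_inside(const char *rel) {
    if (rel[0] == '/') return 0;
    for (const char *p = rel; *p; ) {
        size_t n = strcspn(p, "/");
        if (n == 2 && p[0] == '.' && p[1] == '.') return 0;
        p += n;
        while (*p == '/') p++;
    }
    return 1;
}

/* Check after the OS has resolved symlinks: result must stay under share. */
int resolved_inside(const char *share, const char *rel) {
    char joined[PATH_MAX], root[PATH_MAX], real[PATH_MAX];
    snprintf(joined, sizeof joined, "%s/%s", share, rel);
    if (!realpath(share, root) || !realpath(joined, real)) return 0;
    size_t n = strlen(root);
    return strncmp(real, root, n) == 0 && (real[n] == '/' || real[n] == '\0');
}

/* Constructed layout: <tmp>/share/link -> ../outside, plus <tmp>/share/dir.
   Returns bit 0: lexical ok for "link", bit 1: resolved ok for "link",
   bit 2: resolved ok for "dir"; -1 on setup failure. */
int demo(void) {
    char tmp[] = "/tmp/sharedemoXXXXXX", share[64], p[128];
    if (!mkdtemp(tmp)) return -1;
    snprintf(share, sizeof share, "%s/share", tmp);
    if (mkdir(share, 0700)) return -1;
    snprintf(p, sizeof p, "%s/outside", tmp);
    if (mkdir(p, 0700)) return -1;
    snprintf(p, sizeof p, "%s/dir", share);
    if (mkdir(p, 0700)) return -1;
    snprintf(p, sizeof p, "%s/link", share);
    if (symlink("../outside", p)) return -1;
    return lexical_inside("link") | (resolved_inside(share, "link") << 1)
         | (resolved_inside(share, "dir") << 2);
}

int main(void) { printf("%d\n", demo()); return 0; }
```

The name `link` passes the lexical check, but its resolved path is outside the share root, so only the post-resolution check rejects it.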