[PATCH] s3: introduce new share parameter "open special files"
Ralph Wuerthner
ralphw at de.ibm.com
Fri May 3 05:31:01 MDT 2013
On Fri, 3 May 2013 13:15:33 +0200
Ralph Wuerthner <ralphw at de.ibm.com> wrote:
> Hi list,
>
> attached patch introduces a new share parameter "open special files"
> to control whether special files such as sockets, devices and fifo's
> will be opened by the server or not. If set to "no" open requests to
> special files will fail with "access denied". Default value for "open
> special files" is "no".
>
> Access to special files impose a security risk because it may for
> example allow remote clients raw access to local hard drives or
> kernel memory.
>
> Regards
>
> Ralph
I found a bug in above patch: the check for special files
must be done after checking for directories. Otherwise opening a
directory as a file will fail with "access denied" instead of "file is
a directory".
Regards
Ralph
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-introduce-new-share-parameter-open-special-files-v2.patch
Type: text/x-patch
Size: 4999 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20130503/9f1dbe60/attachment.bin>
More information about the samba-technical
mailing list