[PATCH][WIP] Make exploiting talloc harder by using a random talloc_magic
abartlet at samba.org
Wed Oct 16 22:09:44 MDT 2013
On Wed, 2013-10-16 at 21:05 -0700, Jeremy Allison wrote:
> On Thu, Oct 17, 2013 at 02:34:14PM +1300, Andrew Bartlett wrote:
> > This patch is inspired by the exploit in
> > http://blog.csnc.ch/wp-content/uploads/2012/07/sambaexploit_v1.0.pdf
> That link isn't resolving :-(. Do you have an updated pointer to it ?
It's the first hit for "samba talloc exploit" in Google.
> > What do folks think, and can I get some help to prove it would disrupts
> > these exploits?
> Looks a very interesting idea to me, and I really appreciate
> you expressing it in code :-). That certainly helps to understand
> the exact meaning of what you're trying to do.
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz
More information about the samba-technical