[PATCH][WIP] Make exploiting talloc harder by using a random talloc_magic

Andrew Bartlett abartlet at samba.org
Wed Oct 16 22:09:44 MDT 2013

On Wed, 2013-10-16 at 21:05 -0700, Jeremy Allison wrote:
> On Thu, Oct 17, 2013 at 02:34:14PM +1300, Andrew Bartlett wrote:
> > This patch is inspired by the exploit in
> > http://blog.csnc.ch/wp-content/uploads/2012/07/sambaexploit_v1.0.pdf‎
> That link isn't resolving :-(. Do you have an updated pointer to it ?

It's the first hit for "samba talloc exploit" in Google.  

> > What do folks think, and can I get some help to prove it would disrupts
> > these exploits?
> Looks a very interesting idea to me, and I really appreciate
> you expressing it in code :-). That certainly helps to understand
> the exact meaning of what you're trying to do.


Andrew Bartlett

Andrew Bartlett
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Catalyst IT                   http://catalyst.net.nz

More information about the samba-technical mailing list