Another SAMBA issue we've got - permission translation between Unix and Samba

Einat Ben Ezra einat.benezra at cyber-ark.com
Thu Mar 12 07:03:14 MDT 2015



-----Original Message-----
From: Einat Ben Ezra
Sent: Tuesday, February 17, 2015 12:30 PM
To: Simo
Cc: samba-technical at lists.samba.org
Subject: RE: Another SAMBA issue we've got - permission translation between Unix and Samba

Hi Simo,

We are facing the following problem: Our product, using CIFS infrastructure retrieves a file from a certain directory.
After retrieving this file  by the CIFS infrastructure into another directory, the file comes as hidden file. The file is not hidden in a first place.

We would like to know whether there is a known issue with permission translation between SAMBA and Unix?

Thanks,

Einat.



-----Original Message-----
From: Simo [mailto:simo at samba.org]
Sent: Monday, February 16, 2015 5:03 PM
To: Moti Avrahami
Cc: samba-technical at lists.samba.org
Subject: Re: Samba & GHOST vulnerability

On Wed, 2015-02-11 at 13:06 +0000, Moti Avrahami wrote:
> Hi
>
> We want to know whether the SAMBA is vulnerable to the GHOST (glibc) vulnerability - CVE-2015-0235.
> https://access.redhat.com/articles/1332213
>
> We are using SAMBA as a 3rd party for a CIFS implementation product.
> We'll kindly appreciate your quick answer.

Hi Moti,
we haven't done any assessment of glibc's GHOST vulnerability related to Samba.
Samba runs on a variety of platforms and not all of them have this vulnerability to start with (non-glibc, newer glibc, etc.).

We suggest you follow best practices and jut make sure you use a libc that is not affected.

Regards,
Simo.

--
Simo Sorce

_______________________________________________
This e-mail may contain information that is confidential, privileged or otherwise protected from disclosure.
If you are not an intended recipient of this e-mail, do not duplicate or redistribute it by any means. Please delete it and any attachments and notify the sender that you have received it in error.


More information about the samba-technical mailing list