symlink owner question

Scott Lovenberg scott.lovenberg at gmail.com
Wed Apr 26 18:28:53 UTC 2017


william On Tue, Apr 25, 2017 at 2:10 PM, Uri Simchoni via
samba-technical <samba-technical at lists.samba.org> wrote:
> Hi,
>
> Can anyone think of a case where the owner of a symlink matters, that
> is, suppose the user creates a symlink via SMB (POSIX extensions), and
> the resulting link owned by the wrong user.
>
> We have such behavior if:
> 1. The user is in "admin users" --> smbd runs as root and link owned by
> root.
> 2. "inherit owner" is enabled - the link has the creator's owner, not
> the inherited owner.
>
> *if* it matters, I can't think of a way of reliably fixing it:
> - lchown is a bit racy because the symlink may have been superseded with
> something else.
> - fchown - the only way I found for opening the symlink is using O_PATH,
> and that doesn't support fchown (documented and experimentally verified).
>
> I have produced a failing test to demonstrate the issue (see attached),
> but then got stuck with fixing it :(, so perhaps it's better to declare
> it as a non-issue....
>
> Thoughts?
> Uri.

Here's an interesting case : DFS symlinks - are there any security
implications (especially when the owning group is considered the owner
in MS land)?  Another thought - is it possible that a directory with
the sticky bit set (or the ACL/XATTR equivalent bits for "Creator
Owner") you get into a situation where you cannot modify or delete a
file that you created because the ownership changed?  Other than that,
I'm drawing a blank on any side effects and those two are probably
corner cases at best.

-- 
Peace and Blessings,
-Scott.



More information about the samba-technical mailing list