[PATCH] Fix bug 12721 - CVE-2017-2619 regression with "follow symlinks = no"
Jeremy Allison
jra at samba.org
Mon Mar 27 22:33:36 UTC 2017
On Mon, Mar 27, 2017 at 11:44:19PM +0300, Uri Simchoni via samba-technical wrote:
> On 03/27/2017 10:23 PM, Jeremy Allison wrote:
> > This one was really interesting. It actually isn't
> > related (directly) to the CVE-2017-2619 fix. That
> > fix exposed an incorrect assumption that Samba has
> > had for a few years. Quite simply, on a POSIX
> > filesystem the directory entries "." and ".."
> > by design can *NEVER* be symlinks - and we were treating
> > them as if they could be.
> >
> > Fix and regression test attached.
> >
> > Please review and push if happy, and I'll back-port
> > for the production releases.
> >
> > Jeremy.
> >
> Pushed.
Thanks - there may also be another issue as well
the Ralph just brought up, but we can fix that one separately
once this goes in.
Jeremy.
More information about the samba-technical
mailing list