[SMB3POSIX] File attributes

Ralph Boehme slow at samba.org
Tue Nov 14 16:44:57 UTC 2023

On 11/14/23 17:22, Tom Talpey wrote:
> But, does it need to be exposed to remote access? It would seem to be an
> admin function, most appropriate to apply via the server-local API.
> So to flip the question, does "chattr -i" (or any of the zillion others)
> expose any new vulnerability if remote? Some of them look fairly juicy
> targets for ransomware infiltration.

there seems to be a working local privilege system associated with the 
attributes. If this was flawed there'd already be a serious problem with 
local access, so I don't think remote access changes the big picture, 
does it?

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20231114/0124711e/OpenPGP_signature.sig>

More information about the samba-technical mailing list