[Samba] Samba 3.10 and higher
Willem Jaap Zwart
W.J.Zwart at NescioLudens.nl
Fri Apr 8 14:55:21 GMT 2005
Hi
We noticed this as well.
This is because ultraedit effectively moves the original file to the
bak file first and then create a NEW file (with indeed the rights of
the current user).
Because of the group writable bit this is completely legal.
The only thing you can do is remove the group writable bit, but then
users in the same group can not edit each other files.
I consider this more a bug in UltraEdit (it should create a new bak
file iso moving the original file)
kind regards
Willem Jaap
Kramer Jens ZFF ISAC said:
> Due the software Ultraedit, it is possible to manipulate the ownership
> of
> Files!!!
> This may be a big securetyhole.
>
> A test.txt owner jens:group fish Unixrights 760 opened an manipulated
> whit
> ultraedit, saved. ther will be 2 Files
> one test.txt which is owned by the modifier( e.g hans:fish), and a
> test.txt.bak which is owened by jens.fish.
> That's OK.
> so if i repeat this sequenz again, i will delete the first created
> test.txt.bak with my own, and destroyed the original File from the
> original
> User.
>
>
>
> How is this possible??? Can I forbid this action???
>
> Thanks
> Jens
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list