AW: [Samba] Samba 3.10 and higher
Kramer Jens ZFF ISAC
Jens.Kramer at zf.com
Tue Apr 12 11:29:27 GMT 2005
Hello again,
the same can be done with textpad and adjustments in preferences/file
also changes owner when a file is changed and saved.
greetings jens Kramer
-----Ursprüngliche Nachricht-----
Von: Willem Jaap Zwart [mailto:W.J.Zwart at NescioLudens.nl]
Gesendet: Freitag, 8. April 2005 16:55
An: Kramer Jens ZFF ISAC
Cc: samba at samba.org
Betreff: Re: [Samba] Samba 3.10 and higher
Hi
We noticed this as well.
This is because ultraedit effectively moves the original file to the bak
file first and then create a NEW file (with indeed the rights of the current
user). Because of the group writable bit this is completely legal.
The only thing you can do is remove the group writable bit, but then users
in the same group can not edit each other files. I consider this more a bug
in UltraEdit (it should create a new bak file iso moving the original file)
kind regards
Willem Jaap
Kramer Jens ZFF ISAC said:
> Due the software Ultraedit, it is possible to manipulate the ownership
> of Files!!!
> This may be a big securetyhole.
>
> A test.txt owner jens:group fish Unixrights 760 opened an manipulated
> whit ultraedit, saved. ther will be 2 Files
> one test.txt which is owned by the modifier( e.g hans:fish), and a
> test.txt.bak which is owened by jens.fish.
> That's OK.
> so if i repeat this sequenz again, i will delete the first created
> test.txt.bak with my own, and destroyed the original File from the
> original
> User.
>
>
>
> How is this possible??? Can I forbid this action???
>
> Thanks
> Jens
>
> --
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/listinfo/samba
>
More information about the samba
mailing list