[Samba] User can't access a share that he has full control of

simo idra at samba.org
Mon Aug 21 18:41:19 GMT 2006


On Mon, 2006-08-21 at 11:12 -0700, Jeremy Allison wrote:
> > 3. If I do this change for our customers, is there any security issue
> > here that I haven't thought about?
> 
> Yes, it's a security hole (IMHO). It completely bypasses
> security for a path. There might be things an attacker
> could do with this (don't have time right now to think
> up evil scenarious but I'm sure there are some :-).

An easy example is accessing other users home directories where the user
target has a 700 permission on his home directory specifically set to
keep out other users. It is a common scenario on unix environments.

Simo.

-- 
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org



More information about the samba mailing list