[Samba] User can't access a share that he has full control of
simo
idra at samba.org
Mon Aug 21 18:41:19 GMT 2006
On Mon, 2006-08-21 at 11:12 -0700, Jeremy Allison wrote:
> > 3. If I do this change for our customers, is there any security issue
> > here that I haven't thought about?
>
> Yes, it's a security hole (IMHO). It completely bypasses
> security for a path. There might be things an attacker
> could do with this (don't have time right now to think
> up evil scenarios but I'm sure there are some :-).
An easy example is accessing other users' home directories where the
target user has a 700 permission on his home directory specifically set to
keep out other users. It is a common scenario in Unix environments.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org