[Samba] Security leak in map_nt_perms?

Jeremy Allison jra at samba.org
Fri Aug 15 15:38:52 GMT 2008


On Fri, Aug 15, 2008 at 11:52:17AM +0200, Abramo Bagnara wrote:
> 
> Sorry to show me dense, but I don't see the problem: the request to
> allow FILE_READ_ATTRIBUTES only would generate a 000 perms just as if
> map_nt_perms was called with only permissions not handled there.
> 
> I'd say that to ask to allow FILE_READ_ATTRIBUTES only don't have to
> generate any ACE at all (as this request under an Unix permission model
> point of view don't give to user/group any further right).
> 
> Could you explain how a possible conflict with a requested DENY ACE
> could happens?

Existing file has FILE_READ_DATA|FILE_WRITE_DATA|FILE_READ_ATTRIBUTES.
Acl comes in to change this to FILE_READ_ATTRIBUTES. Samba has to map
this to '---' according to you. Oops. Instant deny ACL. Not what was
intended.

Jeremy.


More information about the samba mailing list