[Samba] Security leak in map_nt_perms?
Jeremy Allison
jra at samba.org
Wed Aug 27 21:29:38 GMT 2008
On Wed, Aug 27, 2008 at 11:15:20PM +0200, Abramo Bagnara wrote:
> Jeremy Allison ha scritto:
> > On Sat, Aug 16, 2008 at 09:42:51AM +0200, Abramo Bagnara wrote:
> >> This is exactly what I'd expect...
> >
> > Hmmm, not what I'd expect :-). I'll have to check into the POSIX
> > mapping further, been a while since I wrote it. Are you checking
> > on a system with POSIX ACLs enabled or just straight POSIX permissions ?
>
> Any news?
No, haven't got to this yet. One more question, were you setting
the user or group ACE to '---' or an alternate user or group
ACE to '---' ?
> Are you willing to accept a patch that make samba to ignore request to
> allow FILE_{READ|WRITE}_{ATTRIBUTES|EA) when computing resulting Unix
> permission/ACL?
Not without examining this code thoroughly first, sorry.
Jeremy.
More information about the samba
mailing list