[Samba] [Announce] Samba meta-data symlink vulnerability CVE-2021-20316

Jeremy Allison jra at samba.org
Mon Jan 10 16:51:00 UTC 2022

On Mon, Jan 10, 2022 at 04:31:02PM +0100, Ralph Boehme via samba wrote:
>On 1/10/22 16:06, Sven Schwedas via samba wrote:
>>Just for clarification: If client min protocol is set to SMB2 or 
>>higher, *or* unix entensions are disabled, and NFS is not used, this 
>>is not exploitable?
>correct. Unless you allow access by ssh.

If you allow access via ssh, you have local access to
all readable files anyway :-).

More information about the samba mailing list