Patch for unix extensions
John Newbigin
jn at it.swin.edu.au
Wed Jan 1 22:18:00 GMT 2003
jra at dp.samba.org wrote:
> On Tue, Dec 31, 2002 at 10:36:33AM +0100, Simo Sorce wrote:
>
>> Jeremy, in case of unix extensions, shouldn't we pass the symlink
>> as is and not resolve it?
>
>
> Yes we do - if the client uses the UNIX extensions to readlink. The
> problem is a UNIX extension client could set a symlink on the server
> (which in a UNIX <--> UNIX scenario would never be resolved on the
> server, but read and resolved on the client's filesystem) and then do
> a normal SMB open call on it to escape the restrictions of exporting
> only a small part of the server's filesystem.

This is not always a problem. There might be cases where users must be
restricted to a specific shared directory, but in the case of UNIX
extensions, the users probably* have shell access to the server anyway.
Using samba they still have the same user restrictions as shell access
so there is no greater security risk if they access a file remotely than
if they do locally.

By making this an option, the default level of security is suitable for
a restricted server but can be relaxed if need be. The name of this
option could be changed and perhaps other semantics associated with it
(what exactly is a wide link?) but I don't think it creates any
security problems.

John.

*probably is a bit of a generalisation. In the case of sharing home
directories it is possible. What other writable directories are going
to be shared? Are symlinks required in those directories?

>
>
>> I think a proper unix-like file system should be able to return
>> links.
>
>
> It can. I just can't trust the client to do this.
>
> Jeremy.
--
Information Technology Innovation Group
Swinburne University. Melbourne, Australia
http://uranus.it.swin.edu.au/~jn
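
A containment check of the kind this thread is about, as an added example that is not from the thread or from Samba's source: it resolves a path with symlinks followed and refuses it when the result leaves the exported directory. The names `within_share` and `demo` and the temporary directory layout are hypothetical and constructed for illustration.

```c
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Returns 1 if path, with every symlink followed, still lies at or below
 * share_root; 0 if it escapes the share or cannot be resolved. */
int within_share(const char *share_root, const char *path)
{
    char root[PATH_MAX], target[PATH_MAX];
    size_t n;
    if (!realpath(share_root, root) || !realpath(path, target))
        return 0;                          /* unresolvable: refuse */
    if (strcmp(root, "/") == 0)
        return 1;                          /* whole filesystem is exported */
    n = strlen(root);
    if (strncmp(root, target, n) != 0)
        return 0;
    /* Component boundary: ".../share" must not match ".../share2". */
    return target[n] == '\0' || target[n] == '/';
}

/* Constructed layout in a temp directory. Returns a bitmask of the paths
 * the check allowed: 1 = plain file, 2 = in-share link, 4 = escaping link. */
int demo(void)
{
    char base[] = "/tmp/widelinkXXXXXX";
    char share[64], file[64], alias[64], escape[64], other[64];
    FILE *f; int r;

    if (!mkdtemp(base)) return -1;
    snprintf(share, sizeof share, "%s/share", base);
    snprintf(other, sizeof other, "%s/share2", base);   /* outside the share */
    snprintf(file, sizeof file, "%s/share/file", base);
    snprintf(alias, sizeof alias, "%s/share/alias", base);
    snprintf(escape, sizeof escape, "%s/share/escape", base);
    if (mkdir(share, 0700) || mkdir(other, 0700)) return -1;
    if (!(f = fopen(file, "w"))) return -1;
    fclose(f);
    if (symlink("file", alias) || symlink("../share2", escape)) return -1;
    r = within_share(share, file) | (within_share(share, alias) << 1) | (within_share(share, escape) << 2);
    unlink(escape); unlink(alias); unlink(file); rmdir(other); rmdir(share); rmdir(base);
    return r;
}

int main(void) { printf("allowed mask: %d\n", demo()); return 0; }
```

A production server must also close the race between this check and the open itself, which this sketch does not attempt.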