Re: Samba Remote Zero-Day Exploit

From: paul.szabo@sydney.edu.au
To: kcope2@googlemail.com
Cc: bugtraq@securityfocus.com,dan@doxpara.com,full-disclosure@lists.grok.org.uk
Subject: Re: Samba Remote Zero-Day Exploit
Date:


Dear Kingcope,

> Turning off symlink support in samba closes the hole but then no
> access to symlinks created by the administrator is possible ...

Correct.

Maybe what you want is for Samba to add and support an option like
"allow create symlink" (with default "no"). I myself do not think it
would be useful... would surely be a few lines of code only, so if you
want to submit a patch to the Samba team... or just patch your own
servers (as I do, see http://www.maths.usyd.edu.au/u/psz/samba/).

Cheers, Paul

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia





Copyright © 1995-2020 LinuxRocket.net. All rights reserved.