Re: Samba Remote Zero-Day Exploit

Board: Bugtraq, Time: 16 years ago (2010/02/09 02:01)
Dear Dan,

> The bug here is that out-of-path symlinks are remotely writable. ...

You mean "creatable".

> ... the fact that he can *generate* the symlink breaks ...

Nothing breaks if the admin sets "wide links = no" for that share:
the link is not followed.

> But Samba supports dropping a user into a path ...

I never noticed such support documented: references please?

> ... and it really does need to keep him there.

You cannot "break out" of shares with "wide links = no".

> ... Samba is supposed to match Windows semantics in general.

No please, do not dumb it down.

Cheers, Paul

Paul Szabo   psz@maths.usyd.edu.au   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia
Article code (AID): #1BS55ZSR (Bugtraq)
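
An added illustration, not part of the message above and not Samba's own code, of the behaviour the reply describes: a symlink that points outside the share can exist, but with the equivalent of "wide links = no" a path that resolves outside the share root is refused. The function name, the `wide_links` parameter and the directory layout are constructed for this example.

```python
import os
import tempfile


def resolve_in_share(share_root, rel_path, wide_links=False):
    """Resolve rel_path under share_root, following symlinks.

    With wide_links=False the resolved target must stay inside the share
    root, mirroring what "wide links = no" means for a share.
    """
    root = os.path.realpath(share_root)
    target = os.path.realpath(os.path.join(root, rel_path))
    if not wide_links and os.path.commonpath([root, target]) != root:
        raise PermissionError(f"{rel_path!r} resolves outside the share")
    return target


def demo():
    """Build a constructed share with an in-share and an out-of-path symlink."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        share = os.path.join(base, "share")
        outside = os.path.join(base, "outside")
        os.makedirs(os.path.join(share, "docs"))
        os.makedirs(outside)
        open(os.path.join(share, "docs", "a.txt"), "w").close()
        open(os.path.join(outside, "secret.txt"), "w").close()
        # inlink stays inside the share; outlink is the out-of-path symlink.
        os.symlink(os.path.join(share, "docs"), os.path.join(share, "inlink"))
        os.symlink(outside, os.path.join(share, "outlink"))
        for path in ("docs/a.txt", "inlink/a.txt", "outlink/secret.txt"):
            for wide in (False, True):
                try:
                    resolve_in_share(share, path, wide_links=wide)
                    results[(path, wide)] = "allowed"
                except PermissionError:
                    results[(path, wide)] = "refused"
    return results


if __name__ == "__main__":
    for (path, wide), verdict in demo().items():
        print(f"wide_links={wide!s:5} {path:20} {verdict}")
```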