The Samba-Bugzilla – Attachment 5279 Details for Bug 7104: "wide links" and "unix extensions" are incompatible; CVE-2010-0926
[patch] git-am fix for 3.5.0.
0001-Fix-bug-7104-wide-links-and-unix-extensions-are-inco.patch (text/plain), 5.75 KB, created by Jeremy Allison on 2010-02-05 17:27:25 UTC
>From bd269443e311d96ef495a9db47d1b95eb83bb8f4 Mon Sep 17 00:00:00 2001 >From: Jeremy Allison <jra@samba.org> >Date: Fri, 5 Feb 2010 15:20:18 -0800 >Subject: [PATCH] Fix bug 7104 - "wide links" and "unix extensions" are incompatible. > >Change parameter "wide links" to default to "no". >Ensure "wide links = no" if "unix extensions = yes" on a share. >Fix man pages to refect this. > >Remove "within share" checks for a UNIX symlink set - even if >widelinks = no. The server will not follow that link anyway. > >Correct DEBUG message in check_reduced_name() to add missing "\n" >so it's really clear when a path is being denied as it's outside >the enclosing share path. > >Jeremy. >--- > docs-xml/smbdotconf/misc/widelinks.xml | 13 ++++++-- > docs-xml/smbdotconf/protocol/unixextensions.xml | 3 ++ > source3/param/loadparm.c | 2 +- > source3/smbd/service.c | 8 +++++ > source3/smbd/trans2.c | 36 ----------------------- > source3/smbd/vfs.c | 2 +- > 6 files changed, 22 insertions(+), 42 deletions(-) > >diff --git a/docs-xml/smbdotconf/misc/widelinks.xml b/docs-xml/smbdotconf/misc/widelinks.xml >index fb707c1..1c30bb7 100644 >--- a/docs-xml/smbdotconf/misc/widelinks.xml >+++ b/docs-xml/smbdotconf/misc/widelinks.xml 
>@@ -9,10 +9,15 @@ > server are always allowed; this parameter controls access only > to areas that are outside the directory tree being exported.</para> > >- <para>Note that setting this parameter can have a negative >- effect on your server performance due to the extra system calls >- that Samba has to do in order to perform the link checks.</para> >+ <para>Note: Turning this parameter on when UNIX extensions are enabled >+ will allow UNIX clients to create symbolic links on the share that >+ can point to files or directories outside restricted path exported >+ by the share definition. This can cause access to areas outside of >+ the share. Due to this problem, this parameter will be automatically >+ disabled (with a message in the log file) if the >+ <smbconfoption name="unix extensions"/> option is on. >+ </para> > </description> > >-<value type="default">yes</value> >+<value type="default">no</value> > </samba:parameter> >diff --git a/docs-xml/smbdotconf/protocol/unixextensions.xml b/docs-xml/smbdotconf/protocol/unixextensions.xml >index da9ad10..36e72d2 100644 >--- a/docs-xml/smbdotconf/protocol/unixextensions.xml >+++ b/docs-xml/smbdotconf/protocol/unixextensions.xml >@@ -10,6 +10,9 @@ > by supporting features such as symbolic links, hard links, etc... > These extensions require a similarly enabled client, and are of > no current use to Windows clients.</para> >+ <para> >+ Note if this parameter is turned on, the <smbconfoption name="wide links"/> >+ parameter will automatically be disabled. > </description> > > <value type="default">yes</value> >diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c >index bd70ee1..5bac25c 100644 >--- a/source3/param/loadparm.c >+++ b/source3/param/loadparm.c 
>@@ -606,7 +606,7 @@ static struct service sDefault = { > True, /* bLevel2OpLocks */ > False, /* bOnlyUser */ > True, /* bMangledNames */ >- True, /* bWidelinks */ >+ false, /* bWidelinks */ > True, /* bSymlinks */ > False, /* bSyncAlways */ > False, /* bStrictAllocate */ >diff --git a/source3/smbd/service.c b/source3/smbd/service.c >index e8775ff..8039d16 100644 >--- a/source3/smbd/service.c >+++ b/source3/smbd/service.c >@@ -1039,6 +1039,14 @@ connection_struct *make_connection_snum(struct smbd_server_connection *sconn, > } > #endif > >+ if (lp_unix_extensions() && lp_widelinks(snum)) { >+ DEBUG(0,("Share '%s' has wide links and unix extensions enabled. " >+ "These parameters are incompatible. " >+ "Disabling wide links for this share.\n", >+ lp_servicename(snum) )); >+ lp_do_parameter(snum, "wide links", "False"); >+ } >+ > /* Figure out the characteristics of the underlying filesystem. This > * assumes that all the filesystem mounted withing a share path have > * the same characteristics, which is likely but not guaranteed. >diff --git a/source3/smbd/trans2.c b/source3/smbd/trans2.c >index df61167..28862d1 100644 >--- a/source3/smbd/trans2.c >+++ b/source3/smbd/trans2.c 
>@@ -5836,42 +5836,6 @@ static NTSTATUS smb_set_file_unix_link(connection_struct *conn, > return NT_STATUS_INVALID_PARAMETER; > } > >- /* !widelinks forces the target path to be within the share. */ >- /* This means we can interpret the target as a pathname. */ >- if (!lp_widelinks(SNUM(conn))) { >- char *rel_name = NULL; >- char *last_dirp = NULL; >- >- if (*link_target == '/') { >- /* No absolute paths allowed. */ >- return NT_STATUS_ACCESS_DENIED; >- } >- rel_name = talloc_strdup(ctx,newname); >- if (!rel_name) { >- return NT_STATUS_NO_MEMORY; >- } >- last_dirp = strrchr_m(rel_name, '/'); >- if (last_dirp) { >- last_dirp[1] = '\0'; >- } else { >- rel_name = talloc_strdup(ctx,"./"); >- if (!rel_name) { >- return NT_STATUS_NO_MEMORY; >- } >- } >- rel_name = talloc_asprintf_append(rel_name, >- "%s", >- link_target); >- if (!rel_name) { >- return NT_STATUS_NO_MEMORY; >- } >- >- status = check_name(conn, rel_name); >- if (!NT_STATUS_IS_OK(status)) { >- return status; >- } >- } >- > DEBUG(10,("smb_set_file_unix_link: SMB_SET_FILE_UNIX_LINK doing symlink %s -> %s\n", > newname, link_target )); > >diff --git a/source3/smbd/vfs.c b/source3/smbd/vfs.c >index 5acec70..94bdb1f 100644 >--- a/source3/smbd/vfs.c >+++ b/source3/smbd/vfs.c >@@ -945,7 +945,7 @@ NTSTATUS check_reduced_name(connection_struct *conn, const char *fname) > strlen(conn_rootdir)) != 0) { > DEBUG(2, ("check_reduced_name: Bad access " > "attempt: %s is a symlink outside the " >- "share path", fname)); >+ "share path\n", fname)); > if (free_resolved_name) { > SAFE_FREE(resolved_name); > } >-- >1.6.6 >
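Review bot: in docs-xml/smbdotconf/misc/widelinks.xml the default flips from "yes" to "no", but the new note only covers the interaction with unix extensions. A share that relied on the old implicit default will stop following links out of the share after an upgrade, so the description should say that the default changed and that "wide links = yes" now has to be set explicitly, and is overridden whenever unix extensions is on. Also "outside restricted path exported" should read "outside the restricted path exported".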
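Review bot: in docs-xml/smbdotconf/protocol/unixextensions.xml the added <para> is never closed; the line that follows the new text is the existing </description>. Add </para> after "parameter will automatically be disabled." so the file stays well-formed, and consider "Note: if this parameter is turned on, ..." to match the wording of the note added to widelinks.xml.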
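Review bot: in the sDefault initializer in source3/param/loadparm.c the new bWidelinks value is spelled "false" while every neighbouring entry in the hunk uses "True" or "False". Use "False" here to stay consistent with the rest of the table.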
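Review bot: in make_connection_snum() in source3/smbd/service.c the result of lp_do_parameter(snum, "wide links", "False") is not checked, so connection setup continues even if the override did not take effect. This is the only place in the patch where the incompatibility is enforced, so test the call (or re-check lp_widelinks(snum) afterwards) and refuse the connection if wide links is still on. The condition also calls lp_unix_extensions() without a share argument; a short comment saying that this one setting forces wide links off on every share would help the next reader.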
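Review bot: in smb_set_file_unix_link() in source3/smbd/trans2.c the whole "if (!lp_widelinks(SNUM(conn)))" block is removed with nothing left in its place, so the function no longer says why link_target is accepted unvalidated. Leave a comment at this point stating that absolute and out-of-share targets are stored on purpose and that containment is enforced when the path is resolved, in check_reduced_name(). The documentation should also mention that such links stay on disk and would be followed if an administrator later sets "wide links = yes" with unix extensions off.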
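Review bot: in check_reduced_name() in source3/smbd/vfs.c the "Bad access attempt" message stays at DEBUG(2), while the new configuration warning in service.c is logged at DEBUG(0). With the creation-time check removed from trans2.c, this message is the one place in the patch that records a client trying to reach outside the share through a symlink, so consider a lower debug level so that it shows up without raising the log level. The added "\n" itself is fine.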