On Wed, Jan 06, 2016 at 08:33:12PM +0100, Andreas Maier wrote:> Am 06.01.2016 um 20:10 schrieb Jeremy Allison: > >On Wed, Jan 06, 2016 at 07:58:32PM +0100, Reindl Harald wrote: > >> > >>Am 06.01.2016 um 19:35 schrieb Andreas Maier: > >>>Am 06.01.2016 um 19:28 schrieb Jeremy Allison: > >>>>Can't reproduce this on latest 4.3.x (and I just tried). We did have > >>>>such a bug, but I remember fixing it :-). What Samba version is > >>>>running on the Synology ? > >>>Jeremy, > >>>The smbd version is 4.1.18, according to the NOS value shown in > >>>/proc/fs/cifs/DebugData on the client side, and according to "smbd -V" > >>>on the server side. > >>> > >>>I have no control over the samba level on the server side (other than > >>>upgrading the Synology firmware). So if this has been fixed in a version > >>>after 4.1.18, it would be good to know for sure, then I can create a > >>>request for Synology to upgrade their included samba version > >>well, the latest 4.1.x is 4.1.22 according to > >>https://download.samba.org/pub/samba/ > >No, latest Samba is : 4.3.3 security release. > > > >We also released 4.2.7, 4.1.22 at the same time. > > > Jeremy, > I checked the WHATSNEW.txt file of 4.3.3 and 4.1.22, but could not > find anything that is related to this behavior.No, it's a security release only.> There is a fix for CVE-2015-5252 (Insufficient symlink verification > in smbd), could that be the solution to the > cannot-delete-broken-symlink behavior in addition?No, that wasn't a security bug and wasn't what was fixed. The bug you're having was already fixed in 4.3.x. Go to bugzilla.samba.org and search for bugs with 'symlink' in the title. You should be able to find the one which will give you the date and version number containing the fix.
Am 06.01.2016 um 20:35 schrieb Jeremy Allison:> On Wed, Jan 06, 2016 at 08:33:12PM +0100, Andreas Maier wrote: >> >> Jeremy, >> I checked the WHATSNEW.txt file of 4.3.3 and 4.1.22, but could not >> find anything that is related to this behavior. > No, it's a security release only. > >> There is a fix for CVE-2015-5252 (Insufficient symlink verification >> in smbd), could that be the solution to the >> cannot-delete-broken-symlink behavior in addition? > No, that wasn't a security bug and wasn't what was fixed. > The bug you're having was already fixed in 4.3.x. Go to > bugzilla.samba.org and search for bugs with 'symlink' > in the title. You should be able to find the one > which will give you the date and version number > containing the fix.Jeremy, The only bug I was able to match with the observed behavior is this: https://bugzilla.samba.org/show_bug.cgi?id=9492 "unable to POSIX delete symlinks that don't have a valid target" Its status says "NEW". Also, the WHATSNEW.txt files of 4.1.18, 4.3.3 and 4.1.22 do not mention that bug, and searching the commit log for "9492" gives no bug with that number. Is this the bug you are remembering? Is it possible that the solution to that bug was not included yet? Andy
On Wed, Jan 06, 2016 at 09:00:30PM +0100, Andreas Maier wrote:> Am 06.01.2016 um 20:35 schrieb Jeremy Allison: > >On Wed, Jan 06, 2016 at 08:33:12PM +0100, Andreas Maier wrote: > >> > >>Jeremy, > >>I checked the WHATSNEW.txt file of 4.3.3 and 4.1.22, but could not > >>find anything that is related to this behavior. > >No, it's a security release only. > > > >>There is a fix for CVE-2015-5252 (Insufficient symlink verification > >>in smbd), could that be the solution to the > >>cannot-delete-broken-symlink behavior in addition? > >No, that wasn't a security bug and wasn't what was fixed. > >The bug you're having was already fixed in 4.3.x. Go to > >bugzilla.samba.org and search for bugs with 'symlink' > >in the title. You should be able to find the one > >which will give you the date and version number > >containing the fix. > > Jeremy, > The only bug I was able to match with the observed behavior is this: > > https://bugzilla.samba.org/show_bug.cgi?id=9492 > "unable to POSIX delete symlinks that don't have a valid target" > > Its status says "NEW". Also, the WHATSNEW.txt files of 4.1.18, 4.3.3 > and 4.1.22 do not mention that bug, and searching the commit log for > "9492" gives no bug with that number. > > Is this the bug you are remembering? > Is it possible that the solution to that bug was not included yet?No, more like these (closed) bugs: https://bugzilla.samba.org/show_bug.cgi?id=10429 https://bugzilla.samba.org/show_bug.cgi?id=8663 https://bugzilla.samba.org/show_bug.cgi?id=7234 We do have a regression test, test_bad_symlink() for this (which we must pass for any code to get into the tree).