Jeremy Allison
2022-Jan-10 16:51 UTC
[Samba] [Announce] Samba meta-data symlink vulnerability CVE-2021-20316
On Mon, Jan 10, 2022 at 04:31:02PM +0100, Ralph Boehme via samba wrote:>On 1/10/22 16:06, Sven Schwedas via samba wrote: >>Just for clarification: If client min protocol is set to SMB2 or >>higher, *or* unix entensions are disabled, and NFS is not used, this >>is not exploitable? > >correct. Unless you allow access by ssh.If you allow access via ssh, you have local access to all readable files anyway :-).
Ralph Boehme
2022-Jan-10 17:43 UTC
[Samba] [Announce] Samba meta-data symlink vulnerability CVE-2021-20316
On 1/10/22 17:51, Jeremy Allison wrote:> On Mon, Jan 10, 2022 at 04:31:02PM +0100, Ralph Boehme via samba wrote: >> On 1/10/22 16:06, Sven Schwedas via samba wrote: >>> Just for clarification: If client min protocol is set to SMB2 or >>> higher, *or* unix entensions are disabled, and NFS is not used, this >>> is not exploitable? >> >> correct. Unless you allow access by ssh. > > If you allow access via ssh, you have local access to > all readable files anyway :-).well, yes, but remember there are some codepaths where we do things as root, so I wouldn't bet on it. -slow -- Ralph Boehme, Samba Team https://samba.org/ SerNet Samba Team Lead https://sernet.de/en/team-samba -------------- next part -------------- A non-text attachment was scrubbed... Name: OpenPGP_signature Type: application/pgp-signature Size: 840 bytes Desc: OpenPGP digital signature URL: <http://lists.samba.org/pipermail/samba/attachments/20220110/a76f720f/OpenPGP_signature.sig>