[Bug 1701073] Re: CVE-2017-2619 regression breaks symlinks to directories

Dariusz Gadomski 1701073 at bugs.launchpad.net
Mon Jul 3 15:54:41 UTC 2017


Andreas, Marc - I think the case Dave described is not fully covered by
the fix.

There is a config still failing: if the share is based at / (so all
symlinks in the filesystem should be local to the share) with "wide
links = no" no symlinks are accessible. According to my tests this
affects both: file and directory symlinks).

Test case:
# server
[rootshare]
 path = /
 wide links = no
 follow symlinks = yes
 browseable = yes
 read only = no
 guest ok = yes

mkdir -p /tmp/test
ln -s /tmp/test /tmp/testlink

# client
smbclient -m smb3 //server/rootshare
cd /tmp/testlink
dir
NT_STATUS_ACCESS_DENIED listing \tmp\testlink\*

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/1701073

Title:
  CVE-2017-2619 regression breaks symlinks to directories

Status in samba:
  Unknown
Status in samba package in Ubuntu:
  In Progress
Status in samba source package in Xenial:
  In Progress
Status in samba source package in Yakkety:
  In Progress
Status in samba source package in Zesty:
  In Progress

Bug description:
  Found in current version in Xenial (4.3.11+dfsg-0ubuntu0.16.04.7).
  When share's path is '/', symlinks do not work properly from Windows
  client. Gives "Cannot Access" error.

  To reproduce:

  1. Install samba and related dependencies

  apt install -y samba

  2. Add a share at the end of the default file that uses '/' as the
  path:

  [reproducer]
          comment = share
          browseable = no
          writeable = yes
          create mode = 0600
          directory mode = 0700
          path = /

  3. Attempt to access a symlink somewhere within the path of the share
  with a Windows client.

  4. Receive "Windows cannot access..." related error

To manage notifications about this bug go to:
https://bugs.launchpad.net/samba/+bug/1701073/+subscriptions



More information about the foundations-bugs mailing list