ClearFoundation Tracker - ClearOS | |||||
| View Issue Details | |||||
| ID | Project | Category | View Status | Date Submitted | Last Update |
| 0000023 | ClearOS | app-samba - Windows Networking | public | 2010-02-05 10:52 | 2010-02-22 16:47 |
| Reporter | user2 | ||||
| Assigned To | jterpstra | ||||
| Priority | immediate | Severity | major | Reproducibility | always |
| Status | closed | Resolution | fixed | ||
| Platform | OS | OS Version | |||
| Product Version | 5.1 | ||||
| Target Version | Fixed in Version | 5.1 | |||
| Summary | 0000023: Default configuration for "wide links"... | ||||
| Description | The "wide links" parameter is enabled by default. This can be used to view and potentially change files anywhere on the system via symlinks. In ClearOS, this wouldn't get a user very far (in fact, no further than they would if they had shell access enabled). Regardless, this is still an information leak. Here is the announcement from the Samba team: http://lists.samba.org/archive/samba-technical/2010-February/069183.html [^] And here is the "wide links" entry in the smb.conf man page: wide links (S) This parameter controls whether or not links in the UNIX file system may be followed by the server. Links that point to areas within the directory tree exported by the server are always allowed; this parameter controls access only to areas that are outside the directory tree being exported. Note that setting this parameter can have a negative effect on your server performance due to the extra system calls that Samba has to do in order to perform the link checks. | ||||
| Steps To Reproduce | |||||
| Additional Information | |||||
| Tags | No tags attached. | ||||
| Relationships | |||||
| Attached Files | |||||
| Issue History | |||||
| Date Modified | Username | Field | Change | ||
| 2010-02-05 10:52 | user2 | New Issue | |||
| 2010-02-05 10:52 | user2 | Assigned To | => jterpstra | ||
| 2010-02-05 10:52 | user2 | Status | new => assigned | ||
| 2010-02-05 10:54 | user2 | Note Added: 0000024 | |||
| 2010-02-05 10:54 | user2 | Status | assigned => resolved | ||
| 2010-02-05 10:54 | user2 | Fixed in Version | => 5.1 | ||
| 2010-02-05 10:54 | user2 | Resolution | open => fixed | ||
| 2010-02-05 14:06 | user2 | Description Updated | |||
| 2010-02-05 14:07 | user2 | View Status | private => public | ||
| 2010-02-07 17:29 | user2 | Status | resolved => closed | ||
| 2010-02-22 16:46 | user2 | Checkin | |||
| 2010-02-22 16:46 | user2 | Note Added: 0000037 | |||
| 2010-02-22 16:46 | user2 | Status | closed => resolved | ||
| 2010-02-22 16:47 | user2 | Status | resolved => closed | ||
| Notes | |||||
|
|
|||||
|
|
||||
|
|
|||||
|
|
||||