Date: Sat, 06 Feb 2010 14:45:54 +0100 From: Yves-Alexis Perez <corsac@...ian.org> To: oss-security@...ts.openwall.com Subject: Re: Samba symlink 0day flaw On 06/02/2010 14:31, Nico Golde wrote: > The wide_links variable, at least not in my copy. > wide links (S) This parameter controls whether or not links in the UNIX file system may be followed by the server. Links that point to areas within the directory tree exported by the server are always allowed; this parameter controls access only to areas that are outside the directory tree being exported. Note that setting this parameter can have a negative effect on your server performance due to the extra system calls that Samba has to do in order to perform the link checks. Default: wide links = yes This is samba 2:3.4.5~dfsg-1. Note the name is wide links, not wide_links. Cheers, -- Yves-Alexis Download attachment "signature.asc" of type "application/pgp-signature" (901 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ