As per upstream security advisory: All versions of Samba from 3.2.0 to 4.3.3 inclusive are vulnerable to a malicious client overwriting the ownership of ACLs using symlinks. An authenticated malicious client can use SMB1 UNIX extensions to create a symlink to a file or directory, and then use non-UNIX SMB1 calls to overwrite the contents of the ACL on the file or directory linked to.
Workaround
==========

Add the parameter:

    unix extensions = no

to the [global] section of your smb.conf and restart smbd.

Alternatively, prohibit the use of SMB1 by setting the parameter:

    server min protocol = SMB2

in the [global] section of your smb.conf and restart smbd.

Both settings are global-only and both have a client-side cost: disabling UNIX extensions removes symlink and UNIX mode/ownership support for clients that rely on them (for example Linux cifs mounts using SMB1), and requiring SMB2 locks out clients that speak only SMB1. They are mitigations until a patched smbd is installed, not a substitute for it.
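To verify that one of the two workarounds is actually in effect on a host, the check below parses an smb.conf and reports whether the [global] section turns off UNIX extensions or raises the minimum dialect above SMB1. It is an added example for this advisory, not Samba project code. It assumes the dialect ordering and the SMB2/SMB3 aliases listed in smb.conf(5), and it assumes the pre-4.11 defaults (unix extensions = yes, server min protocol = LANMAN1) when a parameter is absent; the sample configurations are constructed, not taken from a real host.

```python
"""Check an smb.conf for the CVE-2015-7560 workarounds (added example, not Samba code)."""
import configparser

# Dialect names in ascending order as listed in smb.conf(5). The ordering and
# the SMB2/SMB3 aliases are assumptions of this example; confirm them against
# the man page of the Samba version you run.
_DIALECTS = ["CORE", "COREPLUS", "LANMAN1", "LANMAN2", "NT1",
             "SMB2_02", "SMB2_10", "SMB2_22", "SMB2_24",
             "SMB3_00", "SMB3_02", "SMB3_10", "SMB3_11"]
_ALIASES = {"SMB2": "SMB2_10", "SMB3": "SMB3_11"}

# Defaults assumed when the parameter is not set (pre-4.11 behaviour; assumption).
DEFAULT_UNIX_EXTENSIONS = True
DEFAULT_SERVER_MIN_PROTOCOL = "LANMAN1"


def _normalise_name(name):
    # Samba matches parameter names case- and whitespace-insensitively.
    return "".join(name.lower().split())


def _global_section(text):
    """Return the [global] parameters as a dict with normalised keys."""
    cp = configparser.RawConfigParser(strict=False, delimiters=("=",),
                                      empty_lines_in_values=False)
    cp.optionxform = _normalise_name
    # smb.conf does not use indentation for continuation lines, so strip it to
    # keep configparser from folding indented lines into the previous value.
    cp.read_string("\n".join(line.strip() for line in text.splitlines()))
    for sect in cp.sections():
        if sect.strip().lower() == "global":
            return dict(cp.items(sect))
    return {}


def _as_bool(value, default):
    if value is None:
        return default
    v = value.strip().lower()
    if v in ("yes", "true", "1"):
        return True
    if v in ("no", "false", "0"):
        return False
    raise ValueError("not a boolean: %r" % value)


def _dialect_rank(name):
    n = name.strip().upper()
    n = _ALIASES.get(n, n)
    if n not in _DIALECTS:
        raise ValueError("unknown protocol dialect: %r" % name)
    return _DIALECTS.index(n)


def cve_2015_7560_mitigated(smb_conf_text):
    """Return (mitigated, reason) for the text of an smb.conf."""
    g = _global_section(smb_conf_text)
    unix_ext = _as_bool(g.get("unixextensions"), DEFAULT_UNIX_EXTENSIONS)
    # "min protocol" is the documented synonym of "server min protocol".
    min_proto = (g.get("serverminprotocol") or g.get("minprotocol")
                 or DEFAULT_SERVER_MIN_PROTOCOL)
    smb1_allowed = _dialect_rank(min_proto) < _dialect_rank("SMB2_02")
    if not unix_ext:
        return True, "unix extensions = no"
    if not smb1_allowed:
        return True, "server min protocol = %s disables SMB1" % min_proto.strip().upper()
    return False, ("unix extensions enabled and server min protocol = %s still allows SMB1"
                   % min_proto.strip().upper())


# Constructed sample configurations: one vulnerable, one per workaround.
VULNERABLE_CONF = """
[global]
    workgroup = WORKGROUP
    server string = Samba %v
    log file = /var/log/samba/log.%m
[share]
    path = /srv/share
    read only = no
"""
WORKAROUND_UNIX_EXT = VULNERABLE_CONF.replace("[share]", "    unix extensions = no\n[share]")
WORKAROUND_SMB2 = VULNERABLE_CONF.replace("[share]", "    server min protocol = SMB2\n[share]")

if __name__ == "__main__":
    for label, conf in [("vulnerable", VULNERABLE_CONF),
                        ("unix extensions = no", WORKAROUND_UNIX_EXT),
                        ("server min protocol = SMB2", WORKAROUND_SMB2)]:
        print(label, "->", cve_2015_7560_mitigated(conf))
```

Run it against /etc/samba/smb.conf (or against the output of `testparm -s`, which expands include directives) rather than trusting a memory of having edited the file; a missing parameter is reported as vulnerable because the assumed defaults leave SMB1 with UNIX extensions enabled.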
Created samba tracking bugs for this issue: Affects: fedora-all [bug 1315942]
External References: https://www.samba.org/samba/security/CVE-2015-7560.html
Acknowledgment: Name: the Samba project Upstream: Jeremy Allison (Google), the Samba team
Upstream Patches: Samba/master
[Patch: 01/12] https://git.samba.org/?p=samba.git;a=patch;h=841ae4a2e297d9d2211d8fb79c8f180ae295aae9
[Patch: 02/12] https://git.samba.org/?p=samba.git;a=patch;h=19eb1c9311955b769afdc9ff593a21800424cf27
[Patch: 03/12] https://git.samba.org/?p=samba.git;a=patch;h=6b61b5448a96c762ddae36e5055050c5ca869ea2
[Patch: 04/12] https://git.samba.org/?p=samba.git;a=patch;h=e7e23e96478870a3bf37b8b2d984890feabcf808
[Patch: 05/12] https://git.samba.org/?p=samba.git;a=patch;h=77b3d5b2a8848303070ba2e44476534885469a00
[Patch: 06/12] https://git.samba.org/?p=samba.git;a=patch;h=3f491d77567ddc1b51f6c77c94d26b4d4cc2e5d0
[Patch: 07/12] https://git.samba.org/?p=samba.git;a=patch;h=464d044145faa6db166e9bf4c080a3dd15422834
[Patch: 08/12] https://git.samba.org/?p=samba.git;a=patch;h=0be0b755cdd2a74cf364e69c3babeb714244a604
[Patch: 09/12] https://git.samba.org/?p=samba.git;a=patch;h=5941d75fd4380455d6e0552e8f92b5e7c0c356d6
[Patch: 10/12] https://git.samba.org/?p=samba.git;a=patch;h=9ee4ddd36656370e252405fae07ddd7b782f28bd
[Patch: 11/12] https://git.samba.org/?p=samba.git;a=patch;h=306a7f39add1f0b58b2705499405b7d81bf36793
[Patch: 12/12] https://git.samba.org/?p=samba.git;a=patch;h=b551cd83ef74340adaf88629a9ee9fa5c5215ec6
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Via RHSA-2016:0449 https://rhn.redhat.com/errata/RHSA-2016-0449.html
This issue has been addressed in the following products: Red Hat Gluster Storage 3.1 for RHEL 7 Red Hat Gluster Storage 3.1 for RHEL 6 Via RHSA-2016:0447 https://rhn.redhat.com/errata/RHSA-2016-0447.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Red Hat Enterprise Linux 6 Via RHSA-2016:0448 https://rhn.redhat.com/errata/RHSA-2016-0448.html