Bug 1495148 - Samba access denied due to invalid symlink detection in open.c
Summary: Samba access denied due to invalid symlink detection in open.c
Keywords:
Status: CLOSED DUPLICATE of bug 1509455
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: samba
Version: 6.10
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Andreas Schneider
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
: 1499025 (view as bug list)
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-25 10:03 UTC by Damiano Bianchi
Modified: 2017-11-07 08:31 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-11-07 08:31:37 UTC
Target Upstream Version:


Attachments (Terms of Use)

Description Damiano Bianchi 2017-09-25 10:03:07 UTC
Description of problem:
No second level directories are presented to the client, after the upgrade to the latest patch (in particular CVE-2017-2619.patch), if the share configuration has the "follow symlinks = no" directive in place, even though there are no symlink in the real path.

Version-Release number of selected component (if applicable):
samba-3.6.23-45.el6_9.x86_64

How reproducible:
Upgrade then place "follow symlinks = no" in the share configuration in smb.conf

Steps to Reproduce:
1. 
2.
3.

Actual results:
Client cannot browse share's subdirectories (all directories in the share seems to be empty).

Expected results:
Disabling the "follow synlinks" or downgrading samba all subdirectories are browsable again.

Additional info:
[2017/09/25 11:26:15.396479,  2] smbd/vfs.c:1047(check_reduced_name)
  check_reduced_name: Bad access attempt: . is a symlink

Comment 2 Pavel Lisy 2017-10-05 14:28:18 UTC
I can confirm this bug for samba.x86_64 0:3.6.23-45.el6_9

downgrade to previous version samba.x86_64 0:3.6.23-44.el6_9 solved it.

Comment 3 Andreas Schneider 2017-10-19 14:08:34 UTC
*** Bug 1499025 has been marked as a duplicate of this bug. ***

Comment 4 Andreas Schneider 2017-10-19 14:09:38 UTC
Pavel, you also have 'follow symlinks = no' in your smb.conf file?

Comment 6 Andreas Schneider 2017-11-07 08:31:37 UTC

*** This bug has been marked as a duplicate of bug 1509455 ***


Note You need to log in before you can comment on or make changes to this bug.