[Pkg-samba-maint] Bug#418587: samba: Improper handling of /../
pathnames in smb.conf
Christian Perrier
Christian.Perrier at onera.fr
Tue Apr 10 17:52:42 UTC 2007
forwarded 418587 https://bugzilla.samba.org/show_bug.cgi?id=4155
thanks
Quoting Peter Rabbitson (rabbit at rabbit.us):
> Package: samba
> Version: 3.0.24-6
> Severity: normal
>
>
> Samba improperly handles /../ in directory paths both when directly specified
> in the config file or obtained from a variable like %H. A string like
> `TopDir/Subdir1/../Subdir2` will be converted to `TopDirSubdir2` which is
> pretty far from what is desired. The bug was initially reported upstream
> in version 3.0.23c (https://bugzilla.samba.org/show_bug.cgi?id=4155) about
> 8 months ago, but the bug is still present in the latest version.
>
> Note: A use case where a path might contain /../ is a system with user home
> directories modified according to the passwd_chroot_enable option of vsftpd.
> With a homedir of `/home/webspace/<user>/./../../<user>` the samba %H variable
> becomes useless.
Let's link this BR to the upstream BR but I actually fail to see what
benefit may be driven from reporting this in Debian too....there are
very little chances that the samba packaging team has better clues
than the clever upstream developers..:)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20070410/a5a9cdda/attachment.pgp
More information about the Pkg-samba-maint
mailing list