[Pkg-samba-maint] About scannedonly packaging
Bastien ROUCARIES
roucaries.bastien at gmail.com
Wed Mar 20 17:51:02 UTC 2013
On Wed, Mar 20, 2013 at 5:52 PM, Mathieu Parent <math.parent at gmail.com> wrote:
> Hi all,
>
> I have setup a basic package for scannedonly, I don't intend to upload
> it yet as:
> - I have to test it more carefully (basic function works)
> - I will only upload it if I use it myself
>
> It's here:
> http://anonscm.debian.org/gitweb/?p=pkg-samba/scannedonly.git
>
> Bastien ROUCARIES said:
>> Ok I understand but it is insecure at least create a random secret
>> extension. And filter this extension. A malicious user could try to
>> race with the daemon, creating a .scanned file and an infected file.
>> sometime it will succeed and the file will be declared sane whereas it
>> is not sane.
>
> I have tested and couldn't do as you said:
> - the file is prefixed with ".scanned:", as it contains ":", it can't
> be routed thru cifs (I tested with smbclient)
.file are hidded not vetoed. It work if you vetoed .* file
> - the".scanned:FILENAME" file is checked for mtime (mtime should be
> later than mtime of FILENAME)
depending of the mtime granualarity of the file system it could be problematic.
> please provide a real exploit.
If you share your directory by both a samba and a nfs server exploit
are trivial to write. If you only use samba and trust local user it
could be valuable.
I maintain that using xattr is a better route to this kind of scanner.
>
> PS: I'm cc-ing pkg-samba, for info and feedback.
>
> Regards
> --
> Mathieu Parent
More information about the Pkg-samba-maint
mailing list