Jeremy,
Thanks for your quick reply, sorry I couldn't be as quick in confirming the issue has been resolved in later versions specifically SAMBA 2.2.1. Thanks, Kevin K. Sochacki ExxonMobil Research & Engineering 1545 Route 22 East Annandale, NJ 08801 Room: CB042B Phone: 908-730-2911 Fax: 908-730-3823 Cell: 908-482-0840 mailto:[EMAIL PROTECTED] [EMAIL PROTECTED] (Jeremy Allison) To: [EMAIL PROTECTED] Sent by: cc: [EMAIL PROTECTED] samba-technical-admin@lists Subject: Re: Security issue with Scheduled (AT) jobs on .samba.org NTworkstation and SAMBA 04/01/02 08:50 PM On Mon, Apr 01, 2002 at 05:30:44PM -0500, [EMAIL PROTECTED] wrote: > I use the Scheduler to run a process on a NT workstation that attaches to a > SAMBA (SAMBA 2.0.6 on RH 6.2) share as a specific user (USER1), if another > user (USER2) logs onto the system and the link is still established the > other user (USER2) can access the first user's (USER1) data. The logged on > user (USER2) does not have an account on the SAMBA server and shouldn't be > able to access anything and this is true as long as the first user's > (USER1) link is not established. If I do the same thing to a NT Server the > logged-in user (USER2) is denied access to the data even though the link is > established. This is a pretty serious security issue. Can anyone answer > the following question or have any ideal how to close this rather large > security hole? > > Is there a SAMBA configuration parameter that I'm not aware of that > addresses this issue? > or > Is this a NT workstations issue? > If it is a NT issue, why so if the problem does not occur with a NT Server? > > Attached is a simple example of a batch file, if run from the scheduler > will duplicate the problem. > > (See attached file: link.bat) > > Currently the only work around I have is to use the '/persistent=no' and > '/d' flags with 'net use' so the link is disconnected after the process is > done. The intention is to update a database with data being collected from > research instruments which could run for hours making it a huge security > risk. There was a bug with early versions of Samba 2.0 (and previous) that allowed an open file by a privilaged user to be read by an unprivilaged user on the same client machine. I fixed this in the 2.0.x codebase (can't remember the exact release, I can look this up from the CVS logs) - the original bug was reported by Rational software (thanks to them). Let me know if you really need to know what version of 2.0.x fixed this problem. This was definately fixed for 2.2.x and is not a current issue. There are other security related problems with the code you are running, I seriously suggest you upgrade. Regards, Jeremy Allison, Samba Team.
