On Wed, Mar 20, 2013 at 5:52 PM, Mathieu Parent <math.par...@gmail.com> wrote:
> Hi all,
>
> I have set up a basic package for scannedonly. I don't intend to upload
> it yet as:
> - I have to test it more carefully (basic function works)
> - I will only upload it if I use it myself
>
> It's here:
> http://anonscm.debian.org/gitweb/?p=pkg-samba/scannedonly.git
>
> Bastien ROUCARIES said:
>> OK, I understand, but it is insecure; at least create a random secret
>> extension, and filter this extension. A malicious user could try to
>> race with the daemon, creating a .scanned file and an infected file.
>> Sometimes it will succeed and the file will be declared sane whereas it
>> is not sane.
>
> I have tested and couldn't do as you said:
> - the file is prefixed with ".scanned:"; as it contains ":", it can't
> be routed through CIFS (I tested with smbclient)

.files are hidden, not vetoed. It works if you veto .* files.

> - the ".scanned:FILENAME" file is checked for mtime (mtime should be
> later than mtime of FILENAME)

Depending on the mtime granularity of the file system, it could be problematic.

> Please provide a real exploit.

If you share your directory via both a Samba and an NFS server, exploits are trivial to write. If you only use Samba and trust local users, it could be valuable.

I maintain that using xattr is a better route for this kind of scanner.

> PS: I'm cc-ing pkg-samba, for info and feedback.
>
> Regards
> --
> Mathieu Parent

Archive: http://lists.debian.org/cae2spaangdhbm15t0rmvxk7nqf8k7y07tamwn3uptsd_fe+...@mail.gmail.com
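The mtime-granularity concern raised in the reply above, as an added illustration (this is not scannedonly's own code, and it makes no claim about how the daemon actually compares timestamps). It assumes a marker file named ".scanned:<name>" beside each scanned file, a check that accepts the marker when its mtime is not older than the file's mtime, and timestamp truncation to model a file system that stores mtime at one-second resolution; the hash-bound check beside it is one way to tie the verdict to the content that was actually scanned, in the spirit of the xattr suggestion.

```python
"""Added example (not scannedonly's code): marker-file scan verdicts that
are bound to a timestamp versus bound to the scanned content.

Assumptions (constructed for this illustration):
- the marker lives beside the file as ".scanned:<name>";
- the mtime check accepts a marker whose mtime is not older than the file's;
- `granularity` truncates timestamps to model a coarse file system clock.
"""
import hashlib
import os
import tempfile

MARKER_PREFIX = ".scanned:"  # assumed naming, modelled on the thread


def marker_path(path: str) -> str:
    """Marker sits in the same directory, named after the scanned file."""
    directory, name = os.path.split(path)
    return os.path.join(directory, MARKER_PREFIX + name)


def sha256_of(path: str) -> str:
    """Digest of the file content, read in chunks."""
    digest = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()


def mark_scanned(path: str, scanned_at: float) -> None:
    """Record a verdict: marker content is the digest of what was scanned,
    marker mtime is the (constructed) time of the scan."""
    marker = marker_path(path)
    with open(marker, "w") as f:
        f.write(sha256_of(path))
    os.utime(marker, (scanned_at, scanned_at))


def is_scanned_by_mtime(path: str, granularity: float = 1.0) -> bool:
    """Timestamp-bound check: accept when the marker is not older than the
    file, after truncating both mtimes to `granularity` seconds."""
    marker = marker_path(path)
    if not os.path.exists(marker):
        return False
    file_mtime = os.stat(path).st_mtime // granularity
    marker_mtime = os.stat(marker).st_mtime // granularity
    return marker_mtime >= file_mtime


def is_scanned_by_hash(path: str) -> bool:
    """Content-bound check: accept only if the file still has the digest
    recorded at scan time, regardless of any clock resolution."""
    marker = marker_path(path)
    if not os.path.exists(marker):
        return False
    with open(marker) as f:
        recorded = f.read().strip()
    return recorded == sha256_of(path)


def demo() -> dict:
    """Scan a file, then replace its content within the same clock second.
    Returns the verdict of each check before and after the replacement."""
    with tempfile.TemporaryDirectory() as directory:
        path = os.path.join(directory, "report.doc")
        t = 1_700_000_000.0  # constructed epoch timestamp
        with open(path, "wb") as f:
            f.write(b"clean content")
        os.utime(path, (t, t))
        mark_scanned(path, t + 0.3)  # scanner finishes 300 ms after the write
        before = (is_scanned_by_mtime(path), is_scanned_by_hash(path))

        # Content replaced 600 ms after the scan, still inside the same second.
        with open(path, "wb") as f:
            f.write(b"replaced content")
        os.utime(path, (t + 0.9, t + 0.9))
        after_1s = (is_scanned_by_mtime(path, 1.0), is_scanned_by_hash(path))
        after_10ms = (is_scanned_by_mtime(path, 0.01), is_scanned_by_hash(path))
    return {"before": before, "after_1s": after_1s, "after_10ms": after_10ms}


if __name__ == "__main__":
    for label, verdicts in demo().items():
        print(f"{label}: mtime check={verdicts[0]}, hash check={verdicts[1]}")
```

With one-second truncation the mtime check keeps accepting the replaced file because the marker and the file now share a timestamp, while the content-bound check rejects it; with finer resolution the mtime check also rejects it, which is why the granularity of the underlying file system decides whether the timestamp scheme holds. Storing the digest (or the verdict) in an xattr on the file itself, as suggested in the reply, removes the separate marker file and its naming and timing dependencies.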