Public bug reported: The fix for bug #11395 / CVE-2015-5252 https://git.samba.org/?p=samba.git;a=commitdiff;h=7606c0db257b3f9d84da5b2bf5fbb4034cc8d77d locked down the path checks in check_reduced_name[_with_privilege]() to prevent unintended access via wide links.
The new checks do not correctly treat a corner case though: the case of the share path being "/". (Important e.g. for using the glusterfs VFS module.) In this case all operations after tree connect get ACCESS_DENIED. ** Affects: samba Importance: Unknown Status: Unknown ** Affects: samba (Ubuntu) Importance: Undecided Status: New ** Bug watch added: Samba Bugzilla #11647 https://bugzilla.samba.org/show_bug.cgi?id=11647 ** Also affects: samba via https://bugzilla.samba.org/show_bug.cgi?id=11647 Importance: Unknown Status: Unknown -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1545750 Title: Access denied if the share path is "/" To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1545750/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs