Re: [PATCH v4] ksmbd: use LOOKUP_BENEATH to prevent the out of share access

2021-09-25 9:08 GMT+09:00, Namjae Jeon <linkinjeon@xxxxxxxxxx>:
> 2021-09-25 2:20 GMT+09:00, Jeremy Allison <jra@xxxxxxxxx>:
>> On Sat, Sep 25, 2021 at 12:06:16AM +0900, Hyunchul Lee wrote:
>>>instead of removing '..' in a given path, call
>>>kern_path with LOOKUP_BENEATH flag to prevent
>>>the out of share access.
>>>
>>>ran various tests on this:
>>>smb2-cat-async smb://127.0.0.1/homes/../out_of_share
>>>smb2-cat-async smb://127.0.0.1/homes/foo/../../out_of_share
>>>smbclient //127.0.0.1/homes -c "mkdir ../foo2"
>>>smbclient //127.0.0.1/homes -c "rename bar ../bar"
>>
>> FYI, MS-FSCC states:
>>
>> "Except where explicitly permitted, a pathname component that is a dot
>> directory name MUST NOT
>> be sent over the wire."
>>
>> so it might be easier to just refuse with an
>> error a pathname containing "." or ".." on input
>> processing rather than try and deal with it.
>>
>> Might be interesting to test this against a
>> Windows server and see what it does here.
> When I have tested it, it's allowed...
>
> $ ./examples/smb2-ls-async smb://172.30.1.42/homes2/foo/./bar/../
> bar                  DIRECTORY               0 Sat Sep 25 08:50:02 2021
>
> ..                   DIRECTORY               0 Sat Sep 25 09:02:12 2021
>
> .                    DIRECTORY               0 Sat Sep 25 09:02:12 2021
>
>
> When the last component is dotdot (..) and the first component is dot (.), it
> seems to refuse the connection.
It's not true.. and it is not easy. Using LOOKUP_BENEATH is the easiest choice.
$ ./examples/smb2-ls-async smb://172.30.1.42/homes2/foo/../.
failed to create/open directory (Invalid argument) Opendir failed with
(0xc000000d) STATUS_INVALID_PARAMETER.

$ ./examples/smb2-ls-async smb://172.30.1.42/homes2/foo/../foo/
failed to create/open directory (Invalid argument) Opendir failed with
(0xc000000d) STATUS_INVALID_PARAMETER.

>
> $ ./examples/smb2-ls-async smb://172.30.1.42/homes2/../
> failed to create/open directory (Invalid argument) Opendir failed with
> (0xc000000d) STATUS_INVALID_PARAMETER.
>
> $ ./examples/smb2-ls-async smb://172.30.1.42/homes2/./
> failed to create/open directory (Input/output error) Opendir failed
> with (0xc0000033) STATUS_OBJECT_NAME_INVALID.
>
> ./examples/smb2-ls-async smb://172.30.1.42/homes2/foo/../
> failed to create/open directory (Invalid argument) Opendir failed with
> (0xc000000d) STATUS_INVALID_PARAMETER.
>
> $ ./examples/smb2-ls-async smb://172.30.1.42/homes2/./foo
> failed to create/open directory (No such file or directory) Opendir
> failed with (0xc000003a) STATUS_OBJECT_PATH_NOT_FOUND.
>
> $ ./examples/smb2-ls-async smb://172.30.1.42/homes2/foo/.
> bar                  DIRECTORY               0 Sat Sep 25 08:50:02 2021
>
> ..                   DIRECTORY               0 Sat Sep 25 09:02:12 2021
>
> .                    DIRECTORY               0 Sat Sep 25 09:02:12 2021
>
>
>>
>
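
The two approaches debated in this thread, sketched side by side as an added example (not code from the patch or from ksmbd): refusing any "." or ".." component on input, versus allowing ".." only while the path stays beneath the share root. The names `share_path_ok` and `enum policy` are hypothetical, the sample paths are the share-relative parts of the commands quoted above, and the check is purely lexical, so it only approximates what a kernel lookup with LOOKUP_BENEATH enforces.

```c
#include <stdio.h>
#include <string.h>

enum policy { REJECT_DOTS, BENEATH };

/* Returns 1 if the share-relative path is acceptable, 0 if refused.
 * Purely lexical: it never touches the filesystem, so it cannot see
 * symlinks; a kernel lookup with LOOKUP_BENEATH covers those too. */
static int share_path_ok(const char *path, enum policy pol)
{
    int depth = 0;               /* directories below the share root */
    const char *p = path;

    while (*p) {
        size_t len = strcspn(p, "/\\");   /* accept both separators */

        if (len == 1 && p[0] == '.') {
            if (pol == REJECT_DOTS)
                return 0;        /* dot component refused outright */
        } else if (len == 2 && p[0] == '.' && p[1] == '.') {
            if (pol == REJECT_DOTS || --depth < 0)
                return 0;        /* would step above the share root */
        } else if (len > 0) {
            depth++;             /* ordinary name: one level deeper */
        }                        /* len == 0: empty component, skip */
        p += len;
        if (*p)
            p++;                 /* step over the separator */
    }
    return 1;
}

int main(void)
{
    /* Share-relative paths taken from the tests quoted in the thread. */
    static const char *paths[] = {
        "../out_of_share", "foo/../../out_of_share", "../foo2",
        "foo/./bar/../", "foo/../foo/", "foo/.", "foo/bar",
    };
    for (size_t i = 0; i < sizeof(paths) / sizeof(paths[0]); i++)
        printf("%-26s reject-dots=%d beneath=%d\n", paths[i],
               share_path_ok(paths[i], REJECT_DOTS),
               share_path_ok(paths[i], BENEATH));
    return 0;
}
```
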