I tested this as well with some simple examples trying to escape the share - testing going fine so far. Also ran the buildbot from current linux next on client to current linux next for ksmbd (and it passed) http://smb3-test-rhel-75.southcentralus.cloudapp.azure.com/#/builders/8/builds/73 On Fri, Sep 24, 2021 at 7:43 PM Namjae Jeon <linkinjeon@xxxxxxxxxx> wrote: > > 2021-09-25 0:06 GMT+09:00, Hyunchul Lee <hyc.lee@xxxxxxxxx>: > > instead of removing '..' in a given path, call > > kern_path with LOOKUP_BENEATH flag to prevent > > the out of share access. > > > > ran various test on this: > > smb2-cat-async smb://127.0.0.1/homes/../out_of_share > > smb2-cat-async smb://127.0.0.1/homes/foo/../../out_of_share > > smbclient //127.0.0.1/homes -c "mkdir ../foo2" > > smbclient //127.0.0.1/homes -c "rename bar ../bar" > > > > Cc: Ronnie Sahlberg <ronniesahlberg@xxxxxxxxx> > > Cc: Ralph Boehme <slow@xxxxxxxxx> > > Cc: Steve French <smfrench@xxxxxxxxx> > > Cc: Namjae Jeon <linkinjeon@xxxxxxxxxx> > > Signed-off-by: Hyunchul Lee <hyc.lee@xxxxxxxxx> > Looks good to me! > Acked-by: Namjae Jeon <linkinjeon@xxxxxxxxxx> > > Thanks! -- Thanks, Steve
