Debian Linux: samba symlink attack

Ferom net-security.org: Marcus Meissner discovered that samba was not creating temporary files safely in two places:

When a remote user queried a printer queue samba would creates a temporary file in which the queue
data would be written. This was doing using a predictable filename and insecurely, allowing a local
attacker to trick samba into overwriting arbitrary files.
smbclient “more” and “mput” commands also creates temporary files in /tmp insecurely.
Both problems have been fixed in version 2.0.7-3.2. and we recommand that you upgrade your samba
package immediately. More posted at LWN.net.

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR