[ubuntu-za] Samba
Lee Sharp
leesharp at hal-pc.org
Fri May 26 13:42:49 UTC 2017
On 05/26/2017 03:12 AM, Gustav H Meyer wrote:
> "All versions of Samba from 3.5.0 onwards are vulnerable to a remote
> code execution vulnerability, allowing a malicious client to upload a
> shared library to a writable share, and then cause the server to load
> and execute it,"
> My question would be, how will aLinux server load and execute such a
> file? It's not quite as simple as on Windows, but yes I'll still agree
> with the sentiment of @sb101sb on Twitter this morning, even if a bit
> harsh, "When was samba ever considered secure and by who? Might as well
> put your testicles on the train track.".
This was my question as well. People are not installing WINE on the
file server are they? I really want to know more about this
"vulnerability" before I panic...
And I LOVE the comment! :)
> If you really, really need it you better be careful when setting it up.
> And most people really do not need it.
The people that hand me money all use Windows. The way they find
servers in in the "network" so I need Samba. And I am not all that
special. (No matter what my mother told me...)
Lee
More information about the ubuntu-za
mailing list