Re: Symlink attack in (all?) Samba. - Local root walkthrough by Tozz

[Tim Potter * <tpot () LINUXCARE COM AU>]

> Requirements:
>
> * Shell access or any other way to create
symlinks
> * A running samba deamon
> * The username and/or password of a user named
in the
>   admin lists in one or more shares.

This basically boils down to the fact that if you
give someone root access on a machine they can do
things.  

It is usually not necessary to use the admin users
parameter.  Tasks like managing upload directories
and so on can usually be achieved with a
combination of the various force user, group and
create mode parameters.


Tim.