From c9f3d84663ed9e3b03e49bf58530c97185f33334 Mon Sep 17 00:00:00 2001 From: Arne Fitzenreiter Date: Mon, 8 Feb 2010 23:06:01 +0100 Subject: [PATCH] Add "Wide links" and "Unix extension" settings to samba.cgi. both options are enabled by default and this is security hole. --- html/cgi-bin/samba.cgi | 23 +++++++++++++++++++++++ lfs/samba | 2 +- 2 files changed, 24 insertions(+), 1 deletion(-) diff --git a/html/cgi-bin/samba.cgi b/html/cgi-bin/samba.cgi index b8e5731776..4438a8bd7e 100644 --- a/html/cgi-bin/samba.cgi +++ b/html/cgi-bin/samba.cgi @@ -100,6 +100,8 @@ $sambasettings{'DOSCHARSET'} = 'CP850'; $sambasettings{'UNIXCHARSET'} = 'UTF8'; $sambasettings{'DISPLAYCHARSET'} = 'CP850'; $sambasettings{'SOCKETOPTIONS'} = 'TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192 SO_KEEPALIVE'; +$sambasettings{'WIDELINKS'} = 'on'; +$sambasettings{'UNIXEXTENSION'} = 'off'; ### Values that have to be initialized $sambasettings{'ACTION'} = ''; ### Samba CUPS Variablen @@ -123,6 +125,9 @@ my $PDCOPTIONS = `cat ${General::swroot}/samba/pdc`; sub refreshpage{&Header::openbox( 'Waiting', 1, "" );print "

$Lang::tr{'pagerefresh'}
";&Header::closebox();} +if (($sambasettings{'WIDELINKS'} eq 'on') & ($sambasettings{'UNIXEXTENSION'} eq 'on')) + {$errormessage="Don't enable 'Wide links' and 'Unix extension' at the same time"; } + &Header::openpage('Samba', 1, ''); &Header::openbigbox('100%', 'left', '', $errormessage); @@ -171,6 +176,8 @@ if ($sambasettings{'ACTION'} eq 'globalresetyes') $sambasettings{'PRINTCAPNAME'} = 'cups'; $sambasettings{'PRINTERNAME'} = 'Printer'; ### Values that have to be initialized + $sambasettings{'WIDELINKS'} = 'on'; + $sambasettings{'UNIXEXTENSION'} = 'off'; $sambasettings{'ACTION'} = ''; $sambasettings{'LOCALMASTER'} = 'off'; $sambasettings{'DOMAINMASTER'} = 'off'; @@ -249,6 +256,8 @@ if ($sambasettings{'LOCALMASTER'} eq 'on'){ $sambasettings{'LOCALMASTER'} = "tru if ($sambasettings{'DOMAINMASTER'} eq 'on'){ $sambasettings{'DOMAINMASTER'} = "true";} else { $sambasettings{'DOMAINMASTER'} = "false";} if ($sambasettings{'PREFERREDMASTER'} eq 'on'){ $sambasettings{'PREFERREDMASTER'} = "true";} else { $sambasettings{'PREFERREDMASTER'} = "false";} if ($sambasettings{'SYSLOGONLY'} eq 'on'){ $sambasettings{'SYSLOGONLY'} = "yes";} else { $sambasettings{'SYSLOGONLY'} = "no";} +if ($sambasettings{'WIDELINKS'} eq 'on'){ $sambasettings{'WIDELINKS'} = "yes";} else { $sambasettings{'WIDELINKS'} = "no";} +if ($sambasettings{'UNIXEXTENSION'} eq 'on'){ $sambasettings{'UNIXEXTENSION'} = "yes";} else { $sambasettings{'UNIXEXTENSION'} = "no";} ############################################################################################################################ ############################################# Schreiben der Samba globals ################################################## @@ -264,6 +273,9 @@ netbios name = $sambasettings{'NETBIOSNAME'} server string = $sambasettings{'SRVSTRING'} workgroup = $sambasettings{'WORKGRP'} +wide links = $sambasettings{'WIDELINKS'} +unix extensions = $sambasettings{'UNIXEXTENSION'} + keep alive = 30 os level = $sambasettings{'OSLEVEL'} fstype = NTFS @@ -381,6 +393,12 @@ $checked{'DOMAINMASTER'}{$sambasettings{'DOMAINMASTER'}} = "checked='checked'"; $checked{'PREFERREDMASTER'}{'off'} = ''; $checked{'PREFERREDMASTER'}{'on'} = ''; $checked{'PREFERREDMASTER'}{$sambasettings{'PREFERREDMASTER'}} = "checked='checked'"; +$checked{'WIDELINKS'}{'off'} = ''; +$checked{'WIDELINKS'}{'on'} = ''; +$checked{'WIDELINKS'}{$sambasettings{'WIDELINKS'}} = "checked='checked'"; +$checked{'UNIXEXTENSION'}{'off'} = ''; +$checked{'UNIXEXTENSION'}{'on'} = ''; +$checked{'UNIXEXTENSION'}{$sambasettings{'UNIXEXTENSION'}} = "checked='checked'"; $checked{'GREEN'}{'off'} = ''; $checked{'GREEN'}{'on'} = ''; $checked{'GREEN'}{$sambasettings{'GREEN'}} = "checked='checked'"; @@ -481,6 +499,11 @@ END print <$Lang::tr{'more'}
+Wide linkson / + off +Unix extensionon / + off +
$Lang::tr{'security options'} $Lang::tr{'security'}