As detailed in this thread, smbclient in Samba 4.4 and above now uses fstat on the location supplied in the --authentication-file option to get the file size, which means that the file descriptor that SambaDAV uses comes up as zero size and so the authentication credentials are not read:
https://lists.samba.org/archive/samba/2018-August/217886.html
The obvious workaround inside SambaDAV would be to use a temp file that is deleted as soon as the smbclient process is complete.
The first patch is the simplest, which just uses PHP's tmpfile function to create a file inside the default PHP temp directory returned by sys_get_temp_dir() (which is usually /tmp on Linux machines).
patch-1-tmpfile.txt
The second patch adds the creation of a randomly named subdirectory of the PHP temp directory just in case something malicious is monitoring files created in the /tmp directory. Again both file and directory are removed in the destruct phase of the process.
patch-2-tmpdir.txt
I am currently testing the second patch on various machines that use SambaDAV and have not found any problems yet, but they are all Ubuntu 16.04 or 18.04. Obviously any patch would need testing on a wider range of systems.
Note that in some distributions, such as Ubuntu 17.04+ and Red Hat/CentOS 7+, the PrivateTmp setting is enabled in systemd, which results in /tmp in Apache being redirected to a randomly named subdirectory of /tmp, which you may need to be aware of if you try to debug things.
John Edwards
Supporting Role Limited
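The approach described for the second patch, sketched as an added example: this is not the attached patch and not SambaDAV's own code. The class name `ScopedAuthFile`, the `smbauth-` prefix and the sample credentials are hypothetical; it assumes PHP 7.4+ and the `username`/`password`/`domain` layout smbclient reads from its authentication file.

```php
<?php
declare(strict_types=1);

// Hypothetical helper (not SambaDAV code): a credentials file for smbclient's
// --authentication-file, kept in a private, randomly named directory and
// removed when the object is destroyed.
final class ScopedAuthFile
{
    private string $dir = '';
    private string $path = '';

    public function __construct(string $user, string $pass, string $domain = '')
    {
        // A newline inside a field would add an extra "key = value" line.
        foreach ([$user, $pass, $domain] as $field) {
            if (preg_match('/[\r\n\0]/', $field) === 1) {
                throw new InvalidArgumentException('control character in credential');
            }
        }
        // 128 random bits; mkdir() fails rather than reusing an existing path,
        // and umask can only narrow the 0700 mode, never widen it.
        $dir = sys_get_temp_dir() . '/smbauth-' . bin2hex(random_bytes(16));
        if (!mkdir($dir, 0700)) {
            throw new RuntimeException('cannot create private temp directory');
        }
        $this->dir = $dir;
        // 'x' is O_CREAT|O_EXCL: never opens a file someone else planted.
        $fh = fopen($dir . '/auth', 'x');
        if ($fh === false) {
            throw new RuntimeException('cannot create credentials file');
        }
        $this->path = $dir . '/auth';
        chmod($this->path, 0600);
        fwrite($fh, "username = $user\npassword = $pass\ndomain = $domain\n");
        fclose($fh);
    }

    public function path(): string { return $this->path; }

    public function __destruct()
    {
        if ($this->path !== '') { @unlink($this->path); }
        if ($this->dir !== '') { @rmdir($this->dir); }
    }
}

// Constructed sample values. A regular file reports its real size to fstat().
$auth = new ScopedAuthFile('alice', 'example-password', 'EXAMPLE');
printf("%s: %d bytes, mode %o\n", $auth->path(),
    filesize($auth->path()), fileperms($auth->path()) & 0777);
unset($auth); // destructor removes the file, then the directory
```

Keep the object in scope until the smbclient process has exited, since the destructor deletes the file that `--authentication-file` points to.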