samba symlink attack

[Matthias Drochner <M.Drochner%fz-juelich.de@localhost>]

As a quick response to the samba symlink problem, how about
the appended patch?
(Compile-tested only, I don't run a  server.)

best regards
Matthias



------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------
Forschungszentrum Juelich GmbH
52425 Juelich
Sitz der Gesellschaft: Juelich
Eingetragen im Handelsregister des Amtsgerichts Dueren Nr. HR B 3498
Vorsitzende des Aufsichtsrats: MinDir'in Baerbel Brumme-Bothe
Geschaeftsfuehrung: Prof. Dr. Achim Bachem (Vorsitzender),
Dr. Ulrich Krafft (stellv. Vorsitzender), Prof. Dr.-Ing. Harald Bolt,
Prof. Dr. Sebastian M. Schmidt
------------------------------------------------------------------------------------------------
------------------------------------------------------------------------------------------------

Index: Makefile
===================================================================
RCS file: /cvsroot/pkgsrc/net/samba/Makefile,v
retrieving revision 1.196
diff -u -r1.196 Makefile
--- Makefile    4 Oct 2009 16:58:38 -0000       1.196
+++ Makefile    8 Feb 2010 11:24:31 -0000
@@ -3,6 +3,7 @@
 .include "Makefile.mirrors"
 
 DISTNAME=              samba-${VERSION}
+PKGREVISION=           1
 CATEGORIES=            net
 MASTER_SITES=          ${SAMBA_MIRRORS:=old-versions/}
 
Index: distinfo
===================================================================
RCS file: /cvsroot/pkgsrc/net/samba/distinfo,v
retrieving revision 1.72
diff -u -r1.72 distinfo
--- distinfo    4 Oct 2009 16:58:38 -0000       1.72
+++ distinfo    8 Feb 2010 11:24:31 -0000
@@ -28,7 +28,7 @@
 SHA1 (patch-bp) = ab55020e477ff36403b1e5a9ce97b2118cdf5cde
 SHA1 (patch-bq) = dc25eb43336d4ad7ecef1b4ea8c5dcd72cc91a7b
 SHA1 (patch-br) = fc0d4c1f638a534f86e59ed8ebaddbf1978fa64f
-SHA1 (patch-bs) = 1c08caf388e337497464097a11c909ddd5f9a3ff
+SHA1 (patch-bs) = da62a8e59fbab1b9ef9fbcd623f5d63816667447
 SHA1 (patch-bu) = 317d0a197e4564c6ab734890302c1f73cc54e1df
 SHA1 (patch-bv) = 2d80f4e24edab32bf4f620f651e70b9e63d28cc5
 SHA1 (patch-bw) = 83a57fd2c21e1abd1bfab046e867096d46931958
Index: patches/patch-bs
===================================================================
RCS file: /cvsroot/pkgsrc/net/samba/patches/patch-bs,v
retrieving revision 1.5
diff -u -r1.5 patch-bs
--- patches/patch-bs    3 Apr 2008 20:19:42 -0000       1.5
+++ patches/patch-bs    8 Feb 2010 11:24:32 -0000
@@ -1,6 +1,6 @@
-$NetBSD: patch-bs,v 1.5 2008/04/03 20:19:42 jlam Exp $
+$NetBSD$
 
---- param/loadparm.c.orig      2008-03-08 10:56:27.000000000 -0500
+--- param/loadparm.c.orig      2009-09-30 12:21:56.000000000 +0000
 +++ param/loadparm.c
 @@ -109,6 +109,7 @@ typedef struct {
        char *szDeletePrinterCommand;
@@ -18,6 +18,15 @@
        BOOL bTimestampLogs;
        BOOL bNTSmbSupport;
        BOOL bNTPipeSupport;
+@@ -564,7 +566,7 @@ static service sDefault = {
+       True,                   /* bLevel2OpLocks */
+       False,                  /* bOnlyUser */
+       True,                   /* bMangledNames */
+-      True,                   /* bWidelinks */
++      False,                  /* bWidelinks */
+       True,                   /* bSymlinks */
+       False,                  /* bSyncAlways */
+       False,                  /* bStrictAllocate */
 @@ -890,6 +892,7 @@ static struct parm_struct parm_table[] =
        {"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, 
FLAG_ADVANCED}, 
        {"passwd chat debug", P_BOOL, P_GLOBAL, &Globals.bPasswdChatDebug, 
NULL, NULL, FLAG_ADVANCED},