An Anonymous Coward writes:
A 7-year-old critical remote code execution vulnerability has been discovered in Samba networking software that could allow a remote attacker to take control of affected Linux and Unix machines.
[...] The newly discovered remote code execution vulnerability (CVE-2017-7494) affects all versions newer than Samba 3.5.0, which was released on March 1, 2010.
"All versions of Samba from 3.5.0 onwards are vulnerable to a remote code execution vulnerability, allowing a malicious client to upload a shared library to a writable share, and then cause the server to load and execute it," Samba wrote in an advisory published Wednesday.
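The advisory above names two preconditions an attacker needs: a share the client can write to, and a server that will load a library from it. Samba's published workaround for CVE-2017-7494 was to set `nt pipe support = no` in the `[global]` section of smb.conf until the patched release could be installed. The following script is an added example (not code from the article, the submitter, or the Samba project) that audits a configuration for both conditions and then scans the writable share paths for ELF shared objects (`ET_DYN`) that should not be sitting in a drop folder. The smb.conf text, the `FAKE_ELF_SO` header bytes and all function names (`parse_smb_conf`, `writable_shares`, `nt_pipe_support_enabled`, `is_elf_shared_object`, `audit`, `demo`) are constructed for this example; the parser takes the last value seen for a parameter and treats `[global]` values as share defaults, which is a simplification of Samba's own loadparm logic.

```python
"""Audit smb.conf for the CVE-2017-7494 preconditions and scan writable
shares for dropped ELF shared objects. Added example; config and ELF bytes
below are constructed, not taken from any real system."""
import os
import struct
import tempfile

# Constructed smb.conf: one read-only share, one writable share, no workaround.
VULNERABLE_SMB_CONF = """
[global]
   workgroup = HOME
   security = user
   map to guest = Bad User

[public]
   path = /srv/samba/public
   read only = yes

[dropbox]
   comment = family drop folder
   path = /srv/samba/dropbox
   writable = yes
   valid users = @family
"""

# Same config with the workaround Samba published alongside the advisory.
HARDENED_SMB_CONF = VULNERABLE_SMB_CONF.replace(
    "[global]\n", "[global]\n   nt pipe support = no\n", 1)

TRUE_VALUES = {"yes", "true", "1", "on"}
ET_DYN = 3  # ELF e_type for a shared object

# Constructed 64-byte ELF64 little-endian header with e_type = ET_DYN.
FAKE_ELF_SO = (b"\x7fELF\x02\x01\x01" + b"\x00" * 9
               + struct.pack("<HH", ET_DYN, 62) + b"\x00" * 44)


def parse_smb_conf(text):
    """Return {section: {param: value}}. Samba compares parameter names
    ignoring case and whitespace, so 'read only' and 'readonly' collapse."""
    conf, section = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
            conf.setdefault(section, {})
        elif section is not None and "=" in line:
            key, _, value = line.partition("=")
            conf[section]["".join(key.split()).lower()] = value.strip()
    return conf


def share_is_writable(params):
    """'read only' defaults to yes; 'writable'/'writeable'/'write ok' are
    its inverse synonyms (simplified: first synonym present wins)."""
    for key in ("writable", "writeable", "writeok"):
        if key in params:
            return params[key].lower() in TRUE_VALUES
    return params.get("readonly", "yes").lower() not in TRUE_VALUES


def writable_shares(conf):
    """List (share name, path) for every share a client could upload to."""
    defaults = conf.get("global", {})
    return [(name, {**defaults, **params}.get("path"))
            for name, params in conf.items()
            if name != "global" and share_is_writable({**defaults, **params})]


def nt_pipe_support_enabled(conf):
    """True unless the advisory's 'nt pipe support = no' workaround is set."""
    value = conf.get("global", {}).get("ntpipesupport", "yes")
    return value.lower() in TRUE_VALUES


def is_elf_shared_object(header):
    """True for ELF bytes whose e_type (offset 16, byte order from EI_DATA)
    is ET_DYN, i.e. what an uploaded .so looks like on disk."""
    if len(header) < 18 or header[:4] != b"\x7fELF":
        return False
    endian = "<" if header[5] == 1 else ">"
    (e_type,) = struct.unpack_from(endian + "H", header, 16)
    return e_type == ET_DYN


def find_shared_objects(share_path):
    """Walk a share and return every file that starts like an ELF .so."""
    hits = []
    for dirpath, _, files in os.walk(share_path):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                with open(full, "rb") as fh:
                    if is_elf_shared_object(fh.read(18)):
                        hits.append(full)
            except OSError:
                continue
    return sorted(hits)


def audit(conf_text, path_root=None):
    """Combine the checks. path_root remaps share paths under a directory
    so the demo can run against a throw-away tree instead of /srv."""
    conf = parse_smb_conf(conf_text)
    findings = {"nt_pipe_support": nt_pipe_support_enabled(conf),
                "writable_shares": [], "shared_objects": []}
    for name, path in writable_shares(conf):
        findings["writable_shares"].append(name)
        if path and path_root is not None:
            path = os.path.join(path_root, path.lstrip("/"))
        if path and os.path.isdir(path):
            findings["shared_objects"] += find_shared_objects(path)
    return findings


def demo():
    """Build a temporary stand-in for /srv/samba, drop a fake .so into the
    writable share next to a harmless file, and audit the vulnerable config."""
    with tempfile.TemporaryDirectory() as root:
        for share in ("public", "dropbox"):
            os.makedirs(os.path.join(root, "srv", "samba", share))
        drop = os.path.join(root, "srv", "samba", "dropbox")
        with open(os.path.join(drop, "photos.txt"), "w") as fh:
            fh.write("not a library\n")
        with open(os.path.join(drop, "libpayload.so"), "wb") as fh:
            fh.write(FAKE_ELF_SO)
        findings = audit(VULNERABLE_SMB_CONF, path_root=root)
    findings["shared_objects"] = [os.path.basename(p)
                                  for p in findings["shared_objects"]]
    return findings


if __name__ == "__main__":
    print(demo())
```

The script reports the precondition (a writable share plus named-pipe support still enabled) and any suspicious uploads; it does not tell you whether anything was executed, and the workaround disables named pipes for all clients, so the real fix is the patched Samba release.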
(Score: 1, Interesting) by Anonymous Coward on Saturday May 27 2017, @04:53PM (6 children)
I see a lot of victim blaming in this thread, and I feel that is unjustified. Sure, if you put a writable share without authentication on an open port on the internet, then you deserve the problems you'll get. That is not what this story is about though. Is it?
What if I want to put a shared directory online, using strong authentication methods, with a writable share limited to one specific directory, so that it's easy to move files around but not a security risk? Something like a NAS which I or family members could access remotely? I should be able to do this without any problems. (Indeed there are many companies selling such machines.) I should not be required to hold a full-time job as a sysadmin, just to keep up-to-date on the latest zero-day exploits, just to keep my systems secure.
The only reason putting systems like these on the open internet is a problem, is the fact that software is chock full of buffer overflow bugs and other faults that make them a security risk. This in turn, is a problem due to the fact that the majority of systems programmers still use horribly unsafe programming languages like C and C++, where blowing off your own foot and causing a remote code execution vulnerability or a privilege escalation exploit are daily occurrences. As long as people keep using C for low level work, we will keep having these problems. People should be moving to safer languages yesterday. Rust is looking nice. Perhaps that will be a good alternative.
This is the reason why we cannot have nice things. This is the reason why I need to use stupid middlemen services like dropbox or yousendit to send files to people. Because setting up my own file sharing server with samba/cifs/ftp is simply too dangerous, even for someone like me (a seasoned developer but no sysadmin expert) let alone the average consumer. It should not be this way.
(Score: 2) by kaszz on Saturday May 27 2017, @06:08PM (4 children)
Samba implements SMB for MS-Windows which is full of bad designs and code. So of course you don't put that on the internet.
The reason a lot of software is bug ridden is because a lot of people are not up to the discipline of programming. And to make it worse a lot of functionality that isn't needed is added which increases the risk for mistakes. Using C makes software have performance too. The instability of the glue between low level and higher level language is another reason to avoid cobbling together C + whatever.
I'll guess that plain filesharing on a local LAN is what most people want. How much code it takes to implement just that and nothing else would be interesting to find out.
(Score: 2) by frojack on Saturday May 27 2017, @06:12PM (3 children)
Omniscience is very hard to program.
Start by defining some basic terms:
plain filesharing
Local LAN
No, you are mistaken. I've always had this sig.
(Score: 2) by kaszz on Saturday May 27 2017, @06:16PM (2 children)
Local LAN = within same netmask and behind any NAT or firewall. Presumably within the same building.
Plain filesharing = Open share, write file, read file, close share.
(Score: 2) by wonkey_monkey on Saturday May 27 2017, @08:23PM (1 child)
Local Local Area Network.
I think the "Local Local" bit may be what exception was taken to.
systemd is Roko's Basilisk
(Score: 0) by Anonymous Coward on Saturday May 27 2017, @09:40PM
It could be a LAN network inside a VPN network that goes over a WAN network.
>;P
(Score: 0) by Anonymous Coward on Sunday May 28 2017, @06:20PM
look, you poor, ignorant windows user, if it's designed to be run on a lan, then you don't put it on the internet without more steps/filters being in front of it. firewall rules, openvpn, etc. the password auth of the application or some such shit doesn't freaking count. if the "victim" doesn't know that, then they deserve part of the blame. lazy idiots want to do shit without learning anything, then whine like someone who donated Free Software should have made it impossible for them to deploy in a stupid way. It's absurd.