Abstract
This talk will in detail describe the symbolic link race condition that led to the Samba CVE-2021-20316. Symlink races lead to CVEs all over the place, even the secure programming language Rust was recently bitten by it with CVE-2022-21658.
Samba solved the problem with a major development effort over many months, however the solution comes with a performance penalty. In the best tradition of "Make it right first, make it fast", work is ongoing to refactor Samba's internals to not only get back the speed of the insecure path handling, but potentially go beyond that and moreover add proper SMB2 symlink error handling.
The talk will describe Samba's current solution, the reasons why we did not solve it "the right way" from the beginning, and our way out of this.