[Pkg-samba-maint] DO NOT REPLY [Bug 6853] mount.cifs race that allows user to replace mountpoint with a symlink
samba-bugs at samba.org
samba-bugs at samba.org
Mon Feb 8 14:16:32 UTC 2010
https://bugzilla.samba.org/show_bug.cgi?id=6853
------- Comment #18 from jlayton at samba.org 2010-02-08 08:16 CST -------
Yes, and we usually strive to achieve that goal but we were in a bit of a
difficult position wrt to this program. Several distro packagers were shipping
mount.cifs as a setuid root program, and people were often reporting "security"
issues with that configuration. There was no clear way to effectively
communicate our recommendation that it not be installed that way, hence the
patch to disable it at build time.
Patching that out is trivial, but it will need to be done at build time. Distro
packagers will have to weigh whether to patch out that behavior in their
specific circumstances. With RHEL for instance, we won't be disabling setuid
root capability altogether since doing so might break working setups.
--
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Pkg-samba-maint
mailing list