[Pkg-samba-maint] Bug#571323: [smbfs] missing sticky bit on /sbin/*mount.cifs

Baggett Jonas Jonas.Baggett at edu.hefr.ch
Sat Feb 27 08:20:14 UTC 2010


Hi,

It is actually a temporary measure until mount.cifs is fixed to be safe when it is setuid, see:
http://lists.samba.org/archive/linux-cifs-client/2010-February/005558.html

As I understand, the threat is a local root exploit. But I think that a lot of people don't expect
that somebody would make a local root exploit on their computer. For example, the people who are
the only user using their computer. Nobody other than them can log in, right?
So why not, instead of making it impossible for mount.cifs to be used setuid (which seems to me
not to improve the security for all the users), tell the users when
it is safe to be launched setuid and when it is not, so they could make the choice?

Bye
Jonas



