[Pkg-samba-maint] DO NOT REPLY [Bug 6853] mount.cifs race that allows user to replace mountpoint with a symlink
samba-bugs at samba.org
samba-bugs at samba.org
Sun Feb 7 19:15:20 UTC 2010
https://bugzilla.samba.org/show_bug.cgi?id=6853
mperrin at icehouse.net changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mperrin at icehouse.net
------- Comment #14 from mperrin at icehouse.net 2010-02-07 13:15 CST -------
With reference to comment #11:
While I appreciate your necessary concern for security, this patch ignores the
long standing *nix culture that such decisions are in the purview of the
computer owner or system administrator. As you noted, mount.cifs is of limited
utility without the ability to run suid root. Setting that permission is a
conscious decision. Most of us get our binaries from distributions. Code that
requires the suid option be enabled at compile time forces us to operate
outside of the distribution's package management system by compiling this one
program separately or overwriting the new package binary with a previous
version.
If you feel that the system owner/admin setting root executable permission is
inadequate demonstration of understanding with regard to security, please
consider determining program behaviour by a configuration file entry rather
than a compile option. A non-default configuration entry would certainly imply
the same level of concious decision as setting a define in the source code.
--
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the Pkg-samba-maint
mailing list