reassign 310982 kernel-source-2.4.27 thanks On Fri, May 27, 2005 at 03:14:01PM +0200, Bill Allombert wrote: > Package: smbfs > Version: 3.0.14a-1 > Severity: serious > Justification: break security on upgrade > Hello Debian samba maintainers, > smbmount does not honour the uid and gid option with the sarge 2.4 > kernel when the server has 'unix extensions' enabled. > The security problem is that 'unix extension' are not enabled with woody samba > server but are enabled by the upgrade to sarge (since this is the > default). At this point the bug in smbmount on the samba client allow > users on the client to access the samba share with the same permission > they would have on the server disregarding the uid/gid option passed to > smbmount. This is a bug in the kernel, not in the userspace tools; smbmount has no say in whether Unix capabilities are negotiated. An appropriate fix might be for the kernel to ignore the presence of CAP_UNIX when uid/gid options have been passed to mount. -- Steve Langasek postmodern programmer
Attachment:
signature.asc
Description: Digital signature