
Re: Bug#310982: smbmount does not honor uid and gid options with 2.4 kernel



On Fri, 2005-05-27 at 08:20 -0700, Steve Langasek wrote:
> reassign 310982 kernel-source-2.4.27
> thanks
> 
> On Fri, May 27, 2005 at 03:14:01PM +0200, Bill Allombert wrote:
> > Package: smbfs
> > Version: 3.0.14a-1
> > Severity: serious
> > Justification: break security on upgrade
> 
> > Hello Debian samba maintainers,
> 
> > smbmount does not honour the uid and gid options with the sarge 2.4
> > kernel when the server has 'unix extensions' enabled.
> 
> > The security problem is that 'unix extensions' are not enabled with woody samba
> > server but are enabled by the upgrade to sarge (since this is the
> > default). At this point the bug in smbmount on the samba client allows
> > users on the client to access the samba share with the same permission
> > they would have on the server disregarding the uid/gid option passed to
> > smbmount.
> 
> This is a bug in the kernel, not in the userspace tools; smbmount has no say
> in whether Unix capabilities are negotiated.

Well, it can choose not to provide that capability, as for smbfs
smbmount provides the session setup.  (Contrasting with the cifs vfs,
which is all in-kernel).

> An appropriate fix might be for the kernel to ignore the presence of
> CAP_UNIX when uid/gid options have been passed to mount.

This is also a very sensible way to handle it, and is the only 'secure'
way, given that smbmount is unprivileged. 

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
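
A client-side check for the condition discussed in this thread, as an added example that is not part of the original messages: it reads the uid= and gid= values from a mount option string and lists entries under the mountpoint whose owner differs, which is what a client sees when the server's Unix extensions take precedence over those options. The function names, the sample option string and the /mnt/share path are assumptions.

```python
import grp
import os
import pwd
import stat
import sys


def parse_owner_opts(opts):
    """Extract uid/gid from an smbmount-style option string (names or numbers)."""
    want = {}
    for item in opts.split(","):
        key, sep, val = item.strip().partition("=")
        if not sep or key not in ("uid", "gid"):
            continue  # ignore unrelated options such as username= or rw
        if val.isdigit():
            want[key] = int(val)
        elif key == "uid":
            want[key] = pwd.getpwnam(val).pw_uid
        else:
            want[key] = grp.getgrnam(val).gr_gid
    return want


def find_unhonoured(mountpoint, opts):
    """Return (path, uid, gid, mode) for entries not owned as the options request."""
    want = parse_owner_opts(opts)
    bad = []
    for root, _dirs, files in os.walk(mountpoint):
        for path in [root] + [os.path.join(root, f) for f in files]:
            st = os.lstat(path)  # do not follow symlinks off the share
            if ("uid" in want and st.st_uid != want["uid"]) or (
                "gid" in want and st.st_gid != want["gid"]
            ):
                bad.append((path, st.st_uid, st.st_gid, stat.filemode(st.st_mode)))
    return bad


if __name__ == "__main__":
    # Assumed defaults: a share mounted on /mnt/share with uid=1000,gid=100.
    mnt = sys.argv[1] if len(sys.argv) > 1 else "/mnt/share"
    opts = sys.argv[2] if len(sys.argv) > 2 else "uid=1000,gid=100"
    mismatches = find_unhonoured(mnt, opts)
    for path, uid, gid, mode in mismatches:
        print(f"{mode} {uid}:{gid} {path}")
    # Non-zero exit means the mount is exposing server-side ownership.
    sys.exit(1 if mismatches else 0)
```

Any output means the ownership shown on the client is not the one requested at mount time, so local permission checks are being made against server-side uids and gids.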
