
Bug#310982: marked as done (smbmount does not honor uid and gid options with 2.4 kernel)



Your message dated Thu, 02 Jun 2005 13:47:15 -0400
with message-id <E1Ddtml-0000U7-00@newraff.debian.org>
and subject line Bug#310982: fixed in samba 3.0.14a-4
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 27 May 2005 13:14:05 +0000
>From allomber@math.u-bordeaux.fr Fri May 27 06:14:05 2005
Return-path: <allomber@math.u-bordeaux.fr>
Received: from lns-vlq-7-lil-82-254-197-207.adsl.proxad.net (yellowpig.yi.org) [82.254.197.207] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Dbef7-00060o-00; Fri, 27 May 2005 06:14:05 -0700
Received: from seventeen
	([127.0.0.1] helo=yellowpig.yi.org ident=mail)
	by yellowpig.yi.org with smtp (Exim 3.35 #1 (Debian))
	id 1Dbef5-0007KZ-00; Fri, 27 May 2005 15:14:03 +0200
Received: (nullmailer pid 28181 invoked by uid 1000);
	Fri, 27 May 2005 13:14:01 -0000
Date: Fri, 27 May 2005 15:14:01 +0200
From: Bill Allombert <ballombe@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: smbmount does not honor uid and gid options with 2.4 kernel
Message-ID: <20050527131401.GA28161@yellowpig.yi.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
X-Reportbug-Version: 3.12
User-Agent: Mutt/1.5.9i
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Package: smbfs
Version: 3.0.14a-1
Severity: serious
Justification: break security on upgrade

Hello Debian samba maintainers,

smbmount does not honour the uid and gid options with the sarge 2.4
kernel when the server has 'unix extensions' enabled.

The security problem is that 'unix extensions' are not enabled with the woody samba
server but are enabled by the upgrade to sarge (since this is the
default). At this point the bug in smbmount on the samba client allows
users on the client to access the samba share with the same permissions
they would have on the server, disregarding the uid/gid options passed to
smbmount.

Cheers,
-- 
Bill. <ballombe@debian.org>

Imagine a large red swirl here. 

-- System Information:
Debian Release: 3.1
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.4.27-2-386
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)


---------------------------------------
Received: (at 310982-close) by bugs.debian.org; 2 Jun 2005 17:51:30 +0000
>From katie@ftp-master.debian.org Thu Jun 02 10:51:30 2005
Return-path: <katie@ftp-master.debian.org>
Received: from newraff.debian.org [208.185.25.31] (mail)
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1Ddtqs-0007pY-00; Thu, 02 Jun 2005 10:51:30 -0700
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
	id 1Ddtml-0000U7-00; Thu, 02 Jun 2005 13:47:15 -0400
From: Steve Langasek <vorlon@debian.org>
To: 310982-close@bugs.debian.org
X-Katie: $Revision: 1.56 $
Subject: Bug#310982: fixed in samba 3.0.14a-4
Message-Id: <E1Ddtml-0000U7-00@newraff.debian.org>
Sender: Archive Administrator <katie@ftp-master.debian.org>
Date: Thu, 02 Jun 2005 13:47:15 -0400
Delivered-To: 310982-close@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER 
	autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level: 

Source: samba
Source-Version: 3.0.14a-4

We believe that the bug you reported is fixed in the latest version of
samba, which is due to be installed in the Debian FTP archive:

libpam-smbpass_3.0.14a-4_i386.deb
  to pool/main/s/samba/libpam-smbpass_3.0.14a-4_i386.deb
libsmbclient-dev_3.0.14a-4_i386.deb
  to pool/main/s/samba/libsmbclient-dev_3.0.14a-4_i386.deb
libsmbclient_3.0.14a-4_i386.deb
  to pool/main/s/samba/libsmbclient_3.0.14a-4_i386.deb
python2.3-samba_3.0.14a-4_i386.deb
  to pool/main/s/samba/python2.3-samba_3.0.14a-4_i386.deb
samba-common_3.0.14a-4_i386.deb
  to pool/main/s/samba/samba-common_3.0.14a-4_i386.deb
samba-dbg_3.0.14a-4_i386.deb
  to pool/main/s/samba/samba-dbg_3.0.14a-4_i386.deb
samba-doc_3.0.14a-4_all.deb
  to pool/main/s/samba/samba-doc_3.0.14a-4_all.deb
samba_3.0.14a-4.diff.gz
  to pool/main/s/samba/samba_3.0.14a-4.diff.gz
samba_3.0.14a-4.dsc
  to pool/main/s/samba/samba_3.0.14a-4.dsc
samba_3.0.14a-4_i386.deb
  to pool/main/s/samba/samba_3.0.14a-4_i386.deb
smbclient_3.0.14a-4_i386.deb
  to pool/main/s/samba/smbclient_3.0.14a-4_i386.deb
smbfs_3.0.14a-4_i386.deb
  to pool/main/s/samba/smbfs_3.0.14a-4_i386.deb
swat_3.0.14a-4_i386.deb
  to pool/main/s/samba/swat_3.0.14a-4_i386.deb
winbind_3.0.14a-4_i386.deb
  to pool/main/s/samba/winbind_3.0.14a-4_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 310982@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Steve Langasek <vorlon@debian.org> (supplier of updated samba package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu,  2 Jun 2005 07:02:46 -0700
Source: samba
Binary: samba-doc libsmbclient libpam-smbpass swat winbind smbclient samba samba-common libsmbclient-dev samba-dbg python2.3-samba smbfs
Architecture: source i386 all
Version: 3.0.14a-4
Distribution: unstable
Urgency: high
Maintainer: Steve Langasek <vorlon@debian.org>
Changed-By: Steve Langasek <vorlon@debian.org>
Description: 
 libpam-smbpass - pluggable authentication module for SMB password database
 libsmbclient - shared library that allows applications to talk to SMB servers
 libsmbclient-dev - libsmbclient static libraries and headers
 python2.3-samba - Python bindings that allow access to various aspects of Samba
 samba      - a LanManager-like file and printer server for Unix
 samba-common - Samba common files used by both the server and the client
 samba-dbg  - Samba debugging symbols
 samba-doc  - Samba documentation
 smbclient  - a LanManager-like simple client for Unix
 smbfs      - mount and umount commands for the smbfs (for kernels >= than 2.2.
 swat       - Samba Web Administration Tool
 winbind    - service to resolve user and group information from Windows NT ser
Closes: 310982 311157 311213
Changes: 
 samba (3.0.14a-4) unstable; urgency=high
 .
   * Last-minute upload for sarge, because I don't listen to anything
     that RM guy says
   * Patch smbmount to strip CAP_UNIX out of the capabilities passed to
     the kernel when uid, gid, dmask, or fmask options have been
     specified; this keeps the mount permissions from changing out from
     under the user when upgrading to a server (or to a kernel) that
     supports unix extensions.  Closes: #310982.
   * Second patch to smbclient search continuation logic, from upstream:
     preserve the original UCS2 filename to guard against lossy
     conversions, and break out if we find ourselves looping.
     Closes: #311157.
   * Upstream fix to make print job cancellations work on big-endian
     systems when talking to RAP-style clients (i.e., smbclient).
     Closes: #311213.
   * Add build-dependency on libpopt-dev, so that we consistently use the
     system popt lib instead of the bundled one.
Files: 
 1d61c84c97627019d703e4572e2ce429 1122 net optional samba_3.0.14a-4.dsc
 d99c05b0b087a7fb159d0f91ac094b6b 114647 net optional samba_3.0.14a-4.diff.gz
 5d6df262588cc4c311bb8b51208ff975 12116726 doc optional samba-doc_3.0.14a-4_all.deb
 2c89babc2f6ff620193b457842b6a651 2514784 net optional samba_3.0.14a-4_i386.deb
 5bc12239d0b4cdfe8504e1c1ace4a0b6 1984108 net optional samba-common_3.0.14a-4_i386.deb
 6a0abf71b91df4d1fd751bb1f8823a5c 2530080 net optional smbclient_3.0.14a-4_i386.deb
 0629cf5cace03bd208fc6e5fa0afd2a9 4052634 net optional swat_3.0.14a-4_i386.deb
 9b3d7b185b2ffe0b3246d2e4a80e0960 370358 otherosfs optional smbfs_3.0.14a-4_i386.deb
 e0a3083f7e15cef80255005928399f5b 346742 admin extra libpam-smbpass_3.0.14a-4_i386.deb
 759f1dcb6ff4f4b88dd438653c406bf5 548888 libs extra libsmbclient_3.0.14a-4_i386.deb
 8820c9474bd40f70bbb1a762486663b3 736862 libdevel extra libsmbclient-dev_3.0.14a-4_i386.deb
 647d39fd5d60d0ace3655f1d1f442a8c 1460338 net optional winbind_3.0.14a-4_i386.deb
 39d7d83c06a8627d6b11c6b6f2440a6a 4741620 python optional python2.3-samba_3.0.14a-4_i386.deb
 cb5ff0baefd7fa7d5f65e18d3752c8e4 6592374 devel optional samba-dbg_3.0.14a-4_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFCnz9oKN6ufymYLloRAihNAKDSu/i+uUsUPItBkZWsIL4bbruewACgmP61
Y8z/kcVSSkHfS987ebmujn0=
=5629
-----END PGP SIGNATURE-----
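
The changelog entry for #310982 describes stripping CAP_UNIX from the capabilities passed to the kernel when uid, gid, dmask, or fmask is given. The sketch below is an added illustration of that rule, not the Debian or Samba patch itself; the function names and the sample capability word are hypothetical, and CAP_UNIX is the SMB negotiate capability bit 0x00800000.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* CAP_UNIX bit of the SMB negotiate-response Capabilities field. */
#define CAP_UNIX 0x00800000u

/* Return 1 if the comma-separated option string contains "key=...". */
static int has_option(const char *opts, const char *key)
{
    size_t klen = strlen(key);
    const char *p = opts;
    while (*p) {
        size_t len = strcspn(p, ",");   /* length of the current token */
        if (len > klen && p[klen] == '=' && strncmp(p, key, klen) == 0)
            return 1;
        p += len;
        if (*p == ',')
            p++;
    }
    return 0;
}

/* Return 1 if the admin asked for local ownership or mode overrides. */
int wants_local_perms(const char *opts)
{
    static const char *const keys[] = { "uid", "gid", "dmask", "fmask" };
    for (size_t i = 0; i < sizeof(keys) / sizeof(keys[0]); i++)
        if (has_option(opts, keys[i]))
            return 1;
    return 0;
}

/* Capabilities to hand to the kernel: drop CAP_UNIX when overrides are set,
 * so server-side owners and modes cannot replace the requested ones. */
uint32_t caps_for_kernel(uint32_t server_caps, const char *opts)
{
    if (wants_local_perms(opts))
        server_caps &= ~CAP_UNIX;
    return server_caps;
}

int main(void)
{
    /* Constructed sample: a server advertising CAP_UNIX plus other bits. */
    uint32_t caps = 0x0080e3fdu;
    printf("%#x\n", (unsigned)caps_for_kernel(caps, "username=bill,uid=1000"));
    printf("%#x\n", (unsigned)caps_for_kernel(caps, "username=bill,rw"));
    return 0;
}
```

Tokens are matched from their start, so an option such as `guid=5` is not mistaken for `uid=`.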


