[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#310982: plan to include in sarge 2.4 update

On Sun, Nov 12, 2006 at 10:28:10PM -0700, dann frazier wrote:
> On Mon, Nov 13, 2006 at 01:30:19PM +0900, Horms wrote:
> > If you point me at the patch I'll be happy to rack my brains and
> > tell you want I was thinking at the time.
> 
> Thanks Horms, here's the link:
>   http://bugs.debian.org/cgi-bin/bugreport.cgi/smbfs.no_cap_unix.patch?bug=310982;msg=101;att=1

Ahh yes, I do recall that one.

I've just read through all the messages associated with the bug
and my position can be best described by the text at
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=310982;msg=101

That is, the patch should make the kernel ignore CAP_UNIX if
options which make it dangerous in Sarge are specified from
user-space.  At the time this seemed to Steve Langasek and myself
to be the best of a poor set of available solutions.  And I think
that is still the case.

I have not verified that the patch is correct.  Although I do remember
being quite confident about it at the time.  If someone could test it,
that would be most excellent :)


-- 
Horms
  H: http://www.vergenet.net/~horms/
  W: http://www.valinux.co.jp/en/
Reply to: