Bug#310982: plan to include in sarge 2.4 update
On Mon, Nov 13, 2006 at 10:09:52AM +0100, Bill Allombert wrote:
> Thanks for looking at this.
> I initially reported this issue to samba and then I provided a patch for
> smbmout. Now if the issue is fixed in the kernel instead, then all
> kernel providing smbfs need to be fixed, not only sarge-2.4.27.
I was wondering about that - so if we apply this in 2.4.27, we should
probably also apply it in 2.6.8.
Is the smbmount patch still present in etch/sid? I'm ok with doing
this as a workaround for sarge, but not with forward porting the patch
indefinitely to future kernel releases.
Another option we could consider is to do a security release of samba
with either the !CAP_UNIX patch, or a NEWS.Debian that warns users of
this change in behavior. cc'ing the security team for their input.