On Sat, May 28, 2005 at 06:39:28PM +0200, Bill Allombert wrote: > On Fri, May 27, 2005 at 12:20:49PM -0700, Steve Langasek wrote: > > On Sat, May 28, 2005 at 05:17:39AM +1000, Andrew Bartlett wrote: > > Yeah, on second look I see that it can be done in smbmount, and this would > > be a far more expedient fix.
> You mean something like the patch below ? > (Not tested yet, want to be sure this is the idea) Yep. I would've uploaded such a fix already, but upstream objects to this because doing this in userspace instead of in the kernel means losing the other features of CAP_UNIX -- which are, uh, symlinks and pipes, basically. I'm not really convinced that symlinks and pipes are important enough for people who are using existing mounts with uid or gid smashing to warrant shipping with this bug, but as I said, upstream has objected rather strenuously. (The difference for sarge r0 isn't even the difference between fixing it in userspace or fixing it in the kernel, it's the difference between fixing it in userspace or shipping with the bug because there's no way to get fixed kernel images in time. :/) -- Steve Langasek postmodern programmer > --- samba-3.0.14a.orig/source/client/smbmount.c > +++ samba-3.0.14a/source/client/smbmount.c > @@ -212,6 +212,8 @@ > c->capabilities &= ~CAP_STATUS32; > c->force_dos_errors = True; > } > + if (mount_uid || mount_gid || mount_fmask || mount_dmask) > + c->capabilities &= ~CAP_UNIX; > > if (!cli_session_setup(c, username, > password, strlen(password),
signature.asc
Description: Digital signature
