On Sat, May 28, 2005 at 02:07:04PM -0700, Steve Langasek wrote:
> On Sat, May 28, 2005 at 06:39:28PM +0200, Bill Allombert wrote:
> > On Fri, May 27, 2005 at 12:20:49PM -0700, Steve Langasek wrote:
> > > On Sat, May 28, 2005 at 05:17:39AM +1000, Andrew Bartlett wrote:
>
> > > Yeah, on second look I see that it can be done in smbmount, and this would
> > > be a far more expedient fix.
>
> > You mean something like the patch below?
> > (Not tested yet, want to be sure this is the idea)
>
> Yep.
>
> I would've uploaded such a fix already, but upstream objects to this because
> doing this in userspace instead of in the kernel means losing the other
> features of CAP_UNIX -- which are, uh, symlinks and pipes, basically. I'm
> not really convinced that symlinks and pipes are important enough for people
> who are using existing mounts with uid or gid smashing to warrant shipping

I am obviously biased since I spent a whole night trying to track down this problem, but I think that people interested in CAP_UNIX will have moved to kernel 2.6 and cifs. At that point it seems unlikely that kernel 2.4 will ever be fixed, in Debian or in mainline.

It is a very nasty security problem: the server can change the security model of the client by enabling the unix capability! This can be used to compromise the client if the server is compromised.

One option would be to check whether the host runs a 2.4 kernel or a 2.6 kernel and only apply the correction for 2.4 kernels. (It is my understanding that 2.6 kernels do not have this problem, though I did not try.)

Cheers,
--
Bill. <[EMAIL PROTECTED]>

Imagine a large red swirl here.