On Mon, Nov 13, 2006 at 05:49:56PM +0100, Bill Allombert wrote: > On Mon, Nov 13, 2006 at 09:26:10AM -0700, dann frazier wrote: > > On Mon, Nov 13, 2006 at 10:09:52AM +0100, Bill Allombert wrote: > > > Thanks for looking at this. > > > > > > I initially reported this issue to samba and then I provided a patch for > > > smbmout. Now if the issue is fixed in the kernel instead, then all > > > kernel providing smbfs need to be fixed, not only sarge-2.4.27. > > > > I was wondering about that - so if we apply this in 2.4.27, we should > > probably also apply it in 2.6.8.
> > Is the smbmount patch still present in etch/sid? I'm ok with doing > > this as a workaround for sarge, but not with forward porting the patch > > indefinitely to future kernel releases. > As far as I know the smbmount patch has never been applied to any release. Yes, because this is a kernel security bug. The smbmount patch was entertained pre-sarge only as a stopgap due to the proximity to release; the right place to fix this is still in the kernel (upstream as appropriate). Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
