On Tue, May 28, 2002 at 04:43:14PM -0700, Cook, Steven C wrote:
> With smbmount/smbmnt/smbumount setuid root, the following command:
>
> [sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
>
> Gives the error:
>
> libsmb based programs must *NOT* be setuid root.
> 2206: Connection to dpswpgfs03 failed
> SMB connection failed
>
> Yet, with the binaries *NOT* setuid root, the command
>
> [sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
>
> Gives the error:
>
> Password:
> smbmnt must be installed suid root for direct user mounts (501,501)
> smbmnt failed: 1
>
> It seems to be a cyclical issue. This was discovered on a clean
> "everything" install of Red Hat 7.3 ("Valhalla"). Is this intentional, that
> non-root users can no longer use SMB? This seems counter-productive.
> Please advise.
smbmnt and smbumount *only* should be installed setuid root.
smbmount is *NOT* secure when setuid root, and this check was added for your
safety. (It would allow execution of any arbitary system command as root if
you did).
smbmnt is a small helper that is designed to allow the privilaged tasks to
be performed without undue risk. It is intended to be safe, but somebody
should check it.
Andrew Bartlett
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
