On Thu, 8 Apr 2010 00:45:20 -0400 Chris Smith <[email protected]> wrote:
> On Wed, Apr 7, 2010 at 9:39 PM, Jeff Layton <[email protected]> wrote:
> > Yes, we added a patch a while back to make it such that mount.cifs
> > would not allow itself to run as a setuid root program unless that
> > check was compiled out.
> >
> > This was done due to a rather constant stream of "security issues" that
> > were brought about when people installed mount.cifs setuid root. Since
> > it had never been vetted for security, we really had no other choice but to
> > communicate that installing it setuid root was unsafe.
>
> Not the place for it so the inquiry is only rhetorical.
> How can you equate adding a patch preventing a sysadmin from using an
> app as designed to communicating? Communication is one thing,
> handcuffs are another.
>

Our hand was forced. After repeatedly telling people who were installing it
setuid root "don't do that", we continued to get CVEs reported from people
who continued to use it that way and expected us to treat the problem as a
security issue.

Our fix was somewhat heavy-handed, but we absolutely had to make it clear
that it wasn't safe to install mount.cifs in that fashion. The patch to
remove that check was trivial (simply change one #define in the code), but
required the person building the program to consciously override our
warnings. The Debian package maintainer wisely chose not to do so.

In any case, the point is somewhat moot now. The current mount.cifs that
ships in cifs-utils no longer prevents installation as a setuid root
program.

-- 
Jeff Layton <[email protected]>
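The guard Jeff describes (a program that refuses to run when it finds itself setuid root, with a build-time #define to override the refusal) can be illustrated in a few lines of C. The block below is an added example, not code from mount.cifs, cifs-utils or the Samba project; the macro name ALLOW_SETUID_INSTALL, the function names and the uid values used in the comments are assumptions chosen for the illustration. The decision is kept in a function that takes the real and effective uids as parameters so it can be exercised with constructed values rather than only with the uids of whoever runs it.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/types.h>

/* Hypothetical build-time override, modelled on the "one #define" in the
 * thread. Left at 0, the program refuses to run setuid root; a packager who
 * consciously wants that behaviour must build with -DALLOW_SETUID_INSTALL=1. */
#ifndef ALLOW_SETUID_INSTALL
#define ALLOW_SETUID_INSTALL 0
#endif

/* A setuid-root binary shows up as effective uid 0 while the real
 * (invoking) uid is an ordinary user. Plain root running the program has
 * both uids equal to 0 and is not the case the guard is aimed at. */
int running_setuid_root(uid_t real_uid, uid_t effective_uid)
{
    return effective_uid == 0 && real_uid != 0;
}

/* Returns 0 when the program may proceed and -1 when it should refuse.
 * allow_override carries the build-time #define so the policy can be tested
 * with constructed uids (e.g. real 1000, effective 0) instead of live ones. */
int check_setuid_policy(uid_t real_uid, uid_t effective_uid, int allow_override)
{
    if (running_setuid_root(real_uid, effective_uid) && !allow_override) {
        fprintf(stderr,
                "refusing to run as a setuid root program "
                "(real uid %u, effective uid %u); this binary has not been "
                "vetted for setuid use\n",
                (unsigned)real_uid, (unsigned)effective_uid);
        return -1;
    }
    return 0;
}

int main(void)
{
    /* Evaluate the policy against the uids this process actually has. */
    if (check_setuid_policy(getuid(), geteuid(), ALLOW_SETUID_INSTALL) != 0)
        return EXIT_FAILURE;

    printf("setuid policy check passed (real uid %u, effective uid %u)\n",
           (unsigned)getuid(), (unsigned)geteuid());
    return EXIT_SUCCESS;
}
```

Run without the override, the binary exits non-zero as soon as it notices it was installed setuid root; a packager who builds with -DALLOW_SETUID_INSTALL=1 has to make that choice explicitly, which is the point of putting the override in a #define rather than a runtime option.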
