Helmut Hullen wrote:
Hallo, Michael,
<snip>
If we assume that cifs unix
extensions can be made to work, I could bring in my laptop which
contains a SUID root binary and mount it to my workstation.
But (regarding my error correction): ypu always can set the SUID flag on
your laptop's "mount.cifs"!
The server has to decide wether it will accept the mount try.
Sorry, maybe I wasn't clear. If I bring in my laptop that is setup as a
samba server, then I could, for example, put a copy of bash on a share
on my laptop and make the bash binary SUID root (because of course, I
have root on my laptop). If I can then get my workstation to mount a
share from my laptop, I can run that copy of bash from the network share
and gain full root access to the workstation.
Sudo would probably offer a way around this.
Viele Gruesse!
Helmut
*Michael Heydon - IT Administratorr *
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba
