1 |
-----BEGIN PGP SIGNED MESSAGE----- |
2 |
Hash: SHA1 |
3 |
|
4 |
Hi all -- |
5 |
|
6 |
Can someone who uses Samba please take a look at bugs 41800 and 45965? 41800 |
7 |
is a local-root vulnerability with smbmount/smbfs (it has an updated ebuild), |
8 |
and 45965 is a symlink vulnerability in smbprint (and it has the patch that |
9 |
goes with 41800). |
10 |
|
11 |
I'd like to make sure I got the smbprint patch right. |
12 |
|
13 |
Also, what are your reactions to making smbmount non-setuid (thus preventing |
14 |
normal users from mounting remote Samba filesystems)? Is there a better |
15 |
workaround/fix for this (other than patching the kernel)? I'd rather not |
16 |
tamper with existing functionality if I can help it. |
17 |
|
18 |
Thanks. |
19 |
|
20 |
- -- Josh |
21 |
|
22 |
- ----------------------------------------- |
23 |
Joshua J. Berry |
24 |
|
25 |
"I haven't lost my mind -- it's backed up on tape somewhere." |
26 |
-- /usr/games/fortune |
27 |
|
28 |
NOTE: Please do not submit this email address to any mailing |
29 |
lists or websites without prior permission. Thank you. |
30 |
-----BEGIN PGP SIGNATURE----- |
31 |
Version: GnuPG v1.2.4 (GNU/Linux) |
32 |
|
33 |
iD8DBQFAe0RYaIxeYlQMsxsRAu9RAJ4ly6bCUFLsAO9FN1DPhLpfTkzPmQCfc2sr |
34 |
PQVKIuIF+GuAWZ2TwjF8iVk= |
35 |
=0Rkb |
36 |
-----END PGP SIGNATURE----- |
37 |
|
38 |
-- |
39 |
gentoo-security@g.o mailing list |