| commit | a3be1c25c768cda607595722509a9721ddce9027 | |
| author | Jeff Layton <jlayton@redhat.com> | |
| Tue, 26 Jan 2010 13:15:41 +0000 (26 08:15 -0500) | ||
| committer | Fernando J V da Silva <fernandojvsilva@yahoo.com.br> | |
| Thu, 4 Feb 2010 19:09:46 +0000 (4 17:09 -0200) | ||
| tree | 52a9548829ac9260f03ea3c13d1d317e75451415 | treesnapshot (tar.gz zip) |
| parent | e830fcc4cafd33baa627e95ac4bbbe5966cab06a | commitdiff |
mount.cifs: don't allow it to be run as setuid root program
mount.cifs has been the subject of several "security" fire drills due to
distributions installing it as a setuid root program. This program has
not been properly audited for security and the Samba team highly
recommends that it not be installed as a setuid root program at this
time.
To make that abundantly clear, this patch forcibly disables the ability
for mount.cifs to run as a setuid root program. People are welcome to
trivially patch this out, but they do so at their own peril.
A security audit and redesign of this program is in progress and we hope
that we'll be able to remove this in the near future.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
mount.cifs has been the subject of several "security" fire drills due to
distributions installing it as a setuid root program. This program has
not been properly audited for security and the Samba team highly
recommends that it not be installed as a setuid root program at this
time.
To make that abundantly clear, this patch forcibly disables the ability
for mount.cifs to run as a setuid root program. People are welcome to
trivially patch this out, but they do so at their own peril.
A security audit and redesign of this program is in progress and we hope
that we'll be able to remove this in the near future.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
| client/mount.cifs.c | diffblobblamehistory |