http://bugzilla.novell.com/show_bug.cgi?id=578621

http://bugzilla.novell.com/show_bug.cgi?id=578621#c0

           Summary: Update documentation about mount.cifs behavior change
    Classification: openSUSE
           Product: openSUSE 11.3
           Version: Milestone 1
          Platform: All
        OS/Version: openSUSE 11.3
            Status: NEW
          Severity: Normal
          Priority: P5 - None
         Component: Release Notes
        AssignedTo: ke@novell.com
        ReportedBy: sjayaraman@novell.com
         QAContact: coolo@novell.com
          Found By: Security Response Team
           Blocker: ---

The mount.cifs program that is being used to mount Samba/CIFS shares will not be allowed to be run as a setuid root program. mount.cifs has been the subject of several security bugs that have arisen due to some of the users using it as a setuid root program. For example, tools like smb4k on the distribution require mount.cifs setuid root. So there's a chance that users of such tools set the setuid bit.

This program has not been properly audited for security and the Samba team strongly recommends that it not be installed as a setuid root program at this time. To make that very clear, this release forcibly disables the ability for mount.cifs to run as a setuid root program. People are welcome to trivially patch this out, by setting CIFS_DISABLE_SETUID_CHECK to 1, but they do so at their own peril.

A security audit and redesign of this program is in progress by the Samba Team.
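
The behavior described in this report, sketched as an added example: a program that refuses to continue when it was started through the setuid bit on a root-owned binary, with a compile-time switch to remove the check. This is not the mount.cifs source; only the macro name CIFS_DISABLE_SETUID_CHECK comes from the report, while the helper names, the default value of 0, the message and the exit code are assumptions.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <unistd.h>

/* Macro name taken from the report; defaulting it to 0 (check enabled)
 * is an assumption of this example. */
#ifndef CIFS_DISABLE_SETUID_CHECK
#define CIFS_DISABLE_SETUID_CHECK 0
#endif

/* Hypothetical helper: returns 1 when the process was started by an
 * unprivileged user (real UID != 0) but runs with root's effective UID,
 * which is what the setuid bit on a root-owned binary produces. */
static int invoked_setuid_root(uid_t real_uid, uid_t effective_uid)
{
    return real_uid != 0 && effective_uid == 0;
}

/* Hypothetical helper: returns 0 to continue, EXIT_FAILURE to refuse. */
static int setuid_guard(uid_t real_uid, uid_t effective_uid)
{
#if !CIFS_DISABLE_SETUID_CHECK
    if (invoked_setuid_root(real_uid, effective_uid)) {
        fprintf(stderr, "refusing to run as a setuid root program\n");
        return EXIT_FAILURE;
    }
#else
    (void)real_uid;
    (void)effective_uid;
#endif
    return 0;
}

int main(void)
{
    /* Run the guard first, before any option or environment parsing,
     * so no caller-controlled input is handled with elevated rights. */
    int rc = setuid_guard(getuid(), geteuid());
    if (rc != 0)
        return rc;
    puts("not setuid root: continuing");
    return 0;
}
```

A genuine root login (real and effective UID both 0) passes the guard, so mounting by root or through an fstab entry processed by root is unaffected by a check of this shape.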