diff options
| author | Jeff Layton <jlayton@redhat.com> | 2010-01-26 08:15:41 -0500 |
|---|---|---|
| committer | Jeff Layton <jlayton@redhat.com> | 2010-01-26 08:15:41 -0500 |
| commit | a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5 (patch) | |
| tree | 8aa76af962d01d047870b718bcbe5b1a07bc3c0f /source4/auth/kerberos/kerberos-porting-to-mit-notes.txt | |
| parent | a065c177dfc8f968775593ba00dffafeebb2e054 (diff) | |
| download | samba-a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5.tar.gz samba-a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5.tar.bz2 samba-a0c31ec1c8d1220a5884e40d9ba6b191a04a24d5.zip | |
mount.cifs: don't allow it to be run as setuid root program
mount.cifs has been the subject of several "security" fire drills due to
distributions installing it as a setuid root program. This program has
not been properly audited for security and the Samba team highly
recommends that it not be installed as a setuid root program at this
time.
To make that abundantly clear, this patch forcibly disables the ability
for mount.cifs to run as a setuid root program. People are welcome to
trivially patch this out, but they do so at their own peril.
A security audit and redesign of this program is in progress and we hope
that we'll be able to remove this in the near future.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Diffstat (limited to 'source4/auth/kerberos/kerberos-porting-to-mit-notes.txt')
0 files changed, 0 insertions, 0 deletions