[Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int...
abartlet at samba.org
abartlet at samba.org
Tue May 28 18:36:01 GMT 2002
On Tue, May 28, 2002 at 04:43:14PM -0700, Cook, Steven C wrote:
> With smbmount/smbmnt/smbumount setuid root, the following command:
>
> [sccook at dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
>
> Gives the error:
>
> libsmb based programs must *NOT* be setuid root.
> 2206: Connection to dpswpgfs03 failed
> SMB connection failed
>
> Yet, with the binaries *NOT* setuid root, the command
>
> [sccook at dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
>
> Gives the error:
>
> Password:
> smbmnt must be installed suid root for direct user mounts (501,501)
> smbmnt failed: 1
>
> It seems to be a cyclical issue. This was discovered on a clean
> "everything" install of Red Hat 7.3 ("Valhalla"). Is this intentional, that
> non-root users can no longer use SMB? This seems counter-productive.
> Please advise.
smbmnt and smbumount *only* should be installed setuid root.
smbmount is *NOT* secure when setuid root, and this check was added for your
safety. (It would allow execution of any arbitary system command as root if
you did).
smbmnt is a small helper that is designed to allow the privilaged tasks to
be performed without undue risk. It is intended to be safe, but somebody
should check it.
Andrew Bartlett
More information about the samba
mailing list