DO NOT REPLY [Bug 5275] user id mapping stopped working with
3.0.0pre10
samba-bugs at samba.org
samba-bugs at samba.org
Fri Feb 22 00:28:03 GMT 2008
https://bugzilla.samba.org/show_bug.cgi?id=5275
matt at mattmccutchen.net changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Comment #1 from matt at mattmccutchen.net 2008-02-21 18:28 CST -------
This is the expected behavior, however unfortunate. Beginning with rsync
3.0.0pre10, the default is for a daemon never to map uids/gids by name in
modules with "use chroot" enabled. This closes a vulnerability where a client
might be able to compromise a daemon process by uploading shared libraries that
the daemon process would load in an attempt to do uid/gid mapping. If your
modules are read-only or you have taken other security measures, you can set
"numeric ids = true" in the configuration to re-enable uid/gid mapping. See
section `3. Daemon advisory for "use chroot = yes"' of
http://rsync.samba.org/security.html for more information.
--
Configure bugmail: https://bugzilla.samba.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.
More information about the rsync
mailing list