Should samba become_root() before calling panic action?
Andrew Bartlett
abartlet at samba.org
Wed Apr 9 23:16:43 GMT 2003
On Thu, 2003-04-10 at 01:40, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On 9 Apr 2003, Andrew Bartlett wrote:
>
> > If a user can kill an smbd then we have much bigger problems!
>
> But we have had these exact problems recently so it would be
> foolish to think the case never exists.
In any case, a panic action should be written with the assumption that
an attacker can cause a crash at will - as without smbd bugs, there
would be no need for a panic action :-).
As that attack/weakness could just as easily be in root-run part of
smbd, I think becoming root again would not cause any additional danger.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030410/eea77b6c/attachment.bin
More information about the samba-technical
mailing list