Should samba become_root() before calling panic action?

Andrew Bartlett abartlet at
Wed Apr 9 23:16:43 GMT 2003

On Thu, 2003-04-10 at 01:40, Gerald (Jerry) Carter wrote:
> Hash: SHA1
> On 9 Apr 2003, Andrew Bartlett wrote:
> > If a user can kill an smbd then we have much bigger problems!
> But we have had these exact problems recently so it would be 
> foolish to think the case never exists.

In any case, a panic action should be written with the assumption that
an attacker can cause a crash at will - as without smbd bugs, there
would be no need for a panic action :-).  

As that attack/weakness could just as easily be in root-run part of
smbd, I think becoming root again would not cause any additional danger.

Andrew Bartlett

Andrew Bartlett                                 abartlet at
Manager, Authentication Subsystems, Samba Team  abartlet at
Student Network Administrator, Hawker College   abartlet at
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url :

More information about the samba-technical mailing list