svn commit: samba r9946 - branches/SAMBA_3_0/source/smbd trunk/source/smbd

Gerald (Jerry) Carter jerry at
Fri Sep 2 13:29:25 GMT 2005

Hash: SHA1

Gerald (Jerry) Carter wrote:
> gd at wrote:
>>>Author: gd
>>>Date: 2005-09-02 09:16:08 +0000 (Fri, 02 Sep 2005)
>>>New Revision: 9946
>>>allow the priv-based chown (se_take_ownership) to chown to other users
>>>(not only to the current_user.uid).
>>>Jeremy, please have a look.
> Guenther,
> This changes the entire meaning of SeTakeOwnership.  We have already
> release the SeTakeOwnershipPrivilege in 3.0.20 to mean change
> ownership to yourself only.  I'm not  sure this is a good idea.
> IMO this is too dangerous to be done via Samba.  For example,
> a user with SeTakeOwnership could create a script with the
> setuid bit and then change the ownership to root.
> I'd vote -1 on this patch due to security concerns.

Note to self....

Always read all svn commit messages before sending off mail
to samba-technical.  I'll look at the SeRestorePriviledge changes
later today.

btw...This would have been a good patch to post for review before
checking in.

cheers, jerry

Version: GnuPG v1.4.0 (GNU/Linux)
Comment: Using GnuPG with Thunderbird -


More information about the samba-technical mailing list