[Samba] undefined reference to `swrap_close'
Andrew Bartlett
abartlet at samba.org
Tue Jan 31 20:34:51 GMT 2006
On Tue, 2006-01-31 at 09:32 -0600, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> imacat wrote:
>
> >> No, I think we need to avoid smbmnt getting these defines.
> >> This is a setuid app, and I'm worried by how socket wrapper
> >> (and the environment variable based changes in behaviour)
> >> would interact, in a security sense.
> >
> > Oh. Thank you for reminding me this. This is *really*
> > a serious security issue. I've recompiled all my samba
> > without socket_wrapper. Thanks again for pointing out this.
>
> No its not a security issue. The socket wrapper stuff is for
> development testing only. There is no production value in it.
I think the correct phrasing is that imacat's proposed fix would create
a serious security issue on machines compiled with the socket wrapper
code, and mistakenly deployed in production. That is why I said it was
an incorrect fix.
The correct fix (for the build issue) is not to have smbmnt built with
those defines in place, so we link correctly.
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Student Network Administrator, Hawker College http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba/attachments/20060201/70271f2d/attachment.bin
More information about the samba
mailing list