[Samba] Re: using samba as nfs server replacement?

John Hodrien johnh at comp.leeds.ac.uk
Thu Apr 24 10:00:07 GMT 2008


On Thu, 24 Apr 2008, Helmut Hullen wrote:

> Du (michaelh) meintest am 24.04.08:
>
>>> You may set the SUID flag for "mount,cifs" and "umount.cifs" on the
>>> server.
>
>> That could be a security hazard.
>
> One mistake (from me): these flags must be set on the client. The client
> tries to mount, and it uses its local "mount.cifs".
>
>> If we assume that cifs unix
>> extensions can be made to work, I could bring in my laptop which
>> contains a SUID root binary and mount it to my workstation.
>
> But (regarding my error correction): ypu always can set the SUID flag on
> your laptop's "mount.cifs"!
>
> The server has to decide wether it will accept the mount try.

I think there's some confusion between setting /sbin/mount.cifs setuid, and
having suid as a mount option.

jh

-- 
"Your right to swing your fist ends where my nose begins."
                                                      -- Robert Heinlein


More information about the samba mailing list