[Samba] noexec as CVE-2017-7494 mitigation
Klaus Hartnegg
hartnegg at gmx.de
Fri May 26 08:19:48 UTC 2017
Am 24.05.2017 um 17:50 schrieb Jeremy Allison via samba:
> Here are some mitigation techniques from Red Hat in
> case servers cannot be patched immediately:
> 2. Mount the filessytem which is used by samba for its writeable share,
> using "noexec" option.
I would have expected this to be standard security precaution on all
pure file servers (which is probably the most common use of Samba).
Should the Samba-Wiki tell so, or shouldn't all Linux admins be sane
enough do already do this?
More information about the samba
mailing list