On Thu, 24 Apr 2008, Helmut Hullen wrote:

> Du (michaelh) meintest am 24.04.08:
>
>>> You may set the SUID flag for "mount,cifs" and "umount.cifs" on the
>>> server.

>
>> That could be a security hazard.

>
> One mistake (from me): these flags must be set on the client. The client
> tries to mount, and it uses its local "mount.cifs".
>
>> If we assume that cifs unix
>> extensions can be made to work, I could bring in my laptop which
>> contains a SUID root binary and mount it to my workstation.

>
> But (regarding my error correction): ypu always can set the SUID flag on
> your laptop's "mount.cifs"!
>
> The server has to decide wether it will accept the mount try.


I think there's some confusion between setting /sbin/mount.cifs setuid, and
having suid as a mount option.

jh

--
"Your right to swing your fist ends where my nose begins."
-- Robert Heinlein
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba