[Pkg-samba-maint] r1478 - in trunk/samba/debian: . patches

vorlon at alioth.debian.org vorlon at alioth.debian.org
Thu Jul 12 23:47:08 UTC 2007 

Author: vorlon
Date: 2007-07-12 23:47:07 +0000 (Thu, 12 Jul 2007)
New Revision: 1478

Added:
   trunk/samba/debian/patches/cifs-umount-same-user.patch
Modified:
   trunk/samba/debian/changelog
   trunk/samba/debian/patches/series
Log:
The CIFS_IOC_CHECKMOUNT ioctl check in umount.cifs assumed that errors would
return a value > 0, when in fact the return value on failure is -1.  Correct
this assumption, which was allowing any user to unmount shares mounted by
other users.



Modified: trunk/samba/debian/changelog
===================================================================
--- trunk/samba/debian/changelog	2007-07-12 06:50:50 UTC (rev 1477)
+++ trunk/samba/debian/changelog	2007-07-12 23:47:07 UTC (rev 1478)
@@ -18,8 +18,12 @@
   * cifs-umount-trailing-slashes.patch: canonicalize mount point names when
     umount.cifs is called, to avoid unnecessarily leaving entries behind in
     /etc/mtab if invoked with a trailing slash in the mount point name
+  * cifs-umount-same-user.patch: the CIFS_IOC_CHECKMOUNT ioctl check
+    in umount.cifs assumed that errors would return a value > 0, when in fact
+    the return value on failure is -1.  Correct this assumption, which was
+    allowing any user to unmount shares mounted by other users.
 
- -- Steve Langasek <vorlon at debian.org>  Wed, 11 Jul 2007 23:49:49 -0700
+ -- Steve Langasek <vorlon at debian.org>  Thu, 12 Jul 2007 15:48:09 -0700
 
 samba (3.0.25b-1) unstable; urgency=low
 

Added: trunk/samba/debian/patches/cifs-umount-same-user.patch
===================================================================
--- trunk/samba/debian/patches/cifs-umount-same-user.patch	                        (rev 0)
+++ trunk/samba/debian/patches/cifs-umount-same-user.patch	2007-07-12 23:47:07 UTC (rev 1478)
@@ -0,0 +1,22 @@
+Goal: the CIFS_IOC_CHECKMOUNT ioctl check assumed that errors would return a
+value > 0, when in fact the return value on failure is -1.  Correct this
+assumption, which was allowing any user to unmount shares mounted by other
+users.
+
+Author: Steve Langasek <vorlon at debian.org>
+
+Upstream status: submitted as bugzilla bug #4784
+
+Index: samba-3.0.25b/source/client/umount.cifs.c
+===================================================================
+--- samba-3.0.25b.orig/source/client/umount.cifs.c	2007-07-12 00:30:57.000000000 -0700
++++ samba-3.0.25b/source/client/umount.cifs.c	2007-07-12 15:44:00.000000000 -0700
+@@ -131,7 +131,7 @@
+ 		printf("user unmounting via %s is an optional feature of",thisprogram);
+ 		printf(" the cifs filesystem driver (cifs.ko)");
+ 		printf("\n\tand requires cifs.ko version 1.32 or later\n");
+-	} else if (rc > 0)
++	} else if (rc != 0)
+ 		printf("user unmount of %s failed with %d %s\n",dir,errno,strerror(errno));
+ 	close(fileid);
+ 

Modified: trunk/samba/debian/patches/series
===================================================================
--- trunk/samba/debian/patches/series	2007-07-12 06:50:50 UTC (rev 1477)
+++ trunk/samba/debian/patches/series	2007-07-12 23:47:07 UTC (rev 1478)
@@ -19,3 +19,4 @@
 missing_userspace_bugzilla999.patch
 linux-cifs-user-perms.patch
 cifs-umount-trailing-slashes.patch
+cifs-umount-same-user.patch

More information about the Pkg-samba-maint mailing list