[Pkg-samba-maint] Bug#527576: samba: Fixes introduced in #496073 prevent usage of smbstatus by a non-root user
Peter Rabbitson
rabbit+bugs at rabbit.us
Fri May 8 08:58:01 UTC 2009
Package: samba
Version: 2:3.3.4-1
Severity: normal
Hello,
The fix for bug #496073 introduced the following two patches into the
codebase:
http://us3.samba.org/samba/ftp/patches/security/samba-3.2.2-CVE-2008-3789-1.patch
http://us3.samba.org/samba/ftp/patches/security/samba-3.2.2-CVE-2008-3789-2.patch
This prevents me from running connection reports as a non-user using
the smbstatus utility, as there are insufficient permissions to open
/var/run/samba/messages.tdb.
This is furthermore compounded by the problem of /var/run being cleaned
up on every reboot, so I any chmod 660/chgrp <authorised users> settings
are lost.
Currently the only way forward is for me to set SUID on smbstatus, and
by all standards this is a bad idea. Is there any better workaround for
this?
Ideally I'd like to have perms 660 on newly created files, and have
samba respect the SGID setting of /var/run/samba
Thank you
More information about the Pkg-samba-maint
mailing list