[Pkg-samba-maint] Situation of current samba security issues

Christian Perrier bubulle at debian.org
Sat Oct 10 05:29:01 UTC 2009


Quoting Nico Golde (nion at pool.math.tu-berlin.de):

>  	if(filename != NULL) {
> +		rc = access(filename, R_OK);
> +		if (rc) {
> +			fprintf(stderr, "mount.cifs failed: access check of %s failed: %s\n",
> +					filename, strerror(errno));
> +			exit(2);
> +		}


In parallel of your work, I worked on another solution.

Upstream uses "exit(EX_SYSERR)" here. Actually, this works in samba
3.2.14 because they introduced source/client/mount.h which defines
EX_SYSERR among others. This mount.h is #included by mount.cifs.c

So, my solution was to reintroduce that file and include it from
mount.cifs.c

Of course, this is slightly more invasive and may have side
consequence (I'm unsure...the probability if probably low).

I have a test-build currently unning with that solution....but your
solution is probably better as less invasive. I haven't checked
whether you just replaced "EX_SYSERR" by "2" or if you did other
changes to upstream patch.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20091010/bc0b1122/attachment.pgp>


More information about the Pkg-samba-maint mailing list