[Pkg-samba-maint] Bug#603631: Bug#603631: smbfs: smbmount renders system when logged on with unprivileged user. Even reboot is not possible
Christian PERRIER
bubulle at debian.org
Tue Nov 16 06:08:33 UTC 2010
Quoting christianha (christianha1111 at aon.at):
> Package: smbfs
> Version: 2:3.2.5-4lenny13
> Severity: critical
> Tags: security
> Justification: breaks unrelated software
Really?
>
> 1. sudo apt-get install smbfs
> 2. sudo /usr/sbin/adduser nagios
> 3. sudo /usr/sbin/usermod -a -G nagios nagios
> 4. while true; do mkdir -p /tmp/mnt_10.0.0.2/test$ && smbmount //10.0.0.2/test$ /tmp/mnt_10.0.0.2/test$ -o password=asdfasdf,uid=nagios,gid=nagios,ro >> /dev/null& done
> 5. wait approximately 10 seconds
> 6. Strg+C
> 7. ps aux (You will see lots of processes called /sbin/mount.cifs.)
> 8. you can.t reboot system
>
> Solution is to install linux-image-amd64 (>=2.6.32+25) from deb http://www.backports.org/debian lenny-backports main contrib non-free
Then, the problem is very likely in the kernel, don't you think?
(more specifically in the kernel driver for cifs)
And that problem is only happening in lenny kernels.
So, imho, appropriate actions:
downgrade severity to important
reassign to kernel
mark as fixed in whatever kernel version is above the one in lenny
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20101116/55db456d/attachment.pgp>
More information about the Pkg-samba-maint
mailing list