Bug 1024
Summary: | smbmount root exploit | ||
---|---|---|---|
Product: | [Retired] Red Hat Linux | Reporter: | revelant |
Component: | distribution | Assignee: | David Lawrence <dkl> |
Status: | CLOSED NOTABUG | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | high | ||
Version: | 5.2 | CC: | revelant |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
URL: | http://samba.sernet.de/linux-lan/ | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 1999-02-02 16:48:57 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
revelant
1999-02-02 03:18:33 UTC
AFAIK, by default smbfs RPM installs smbmount without suid bit set, so it should not be possible to exploit it. What he said. smbmount isn't installed suid root, so the bug isn't exploitable on Red Hat. sugar-toolkit-0.84.5-1.fc11 has been submitted as an update for Fedora 11. http://admin.fedoraproject.org/updates/sugar-toolkit-0.84.5-1.fc11 sugar-toolkit-0.84.5-1.fc11 has been pushed to the Fedora 11 stable repository. If problems still persist, please make note of it in this bug report. |