Bug 640700 - cifs default option is too wide open
Summary: cifs default option is too wide open
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel
Version: 5.5
Hardware: All
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Jeff Layton
QA Contact: Red Hat Kernel QE team
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-10-06 16:14 UTC by Tru Huynh
Modified: 2014-06-18 07:40 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2010-10-06 17:55:02 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
CentOS 4537 0 None None None Never

Description Tru Huynh 2010-10-06 16:14:17 UTC 
Description of problem:
the default option for a cifs mounted share is 777

Version-Release number of selected component (if applicable):
kernel-2.6.18-194.17.1.el5.x86_64
samba-client-3.0.33-3.29.el5_5.1.x86_64


How reproducible:
Always

Steps to Reproduce:
1. mount a cifs share 
2. mount point is 777
3.
  
Actual results:
wide open mount point

Expected results:
restricted access (755 was expected)

Additional info:
one needs to force dir_mode/file_mode to ensure proper restriction
Comment 1 Jeff Layton 2010-10-06 17:40:21 UTC 
I tend to agree (which is why I drove the changes upstream that changed this default to something more sane). Unfortunately however, we have to consider backward compatibility for CIFS. If we change this default now then we may break existing deployments. I don't think we can reasonably do this in RHEL5 at this point.
Comment 2 Jeff Layton 2010-10-06 17:41:24 UTC 
Note that the default will be more sane in RHEL6.
Comment 4 RHEL Program Management 2010-10-06 17:55:02 UTC 
Development Management has reviewed and declined this request.  You may appeal
this decision by reopening this request.
Note You need to log in before you can comment on or make changes to this bug.