thr3ads.net - samba - [Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int... [May 2002]

If this information is useful, please help other people find it:
Share via:

Cook, Steven C

2002-May-28 16:47 UTC

[Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int...

With smbmount/smbmnt/smbumount setuid root, the following command:

[sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
username=sccook,workgroup=amr

Gives the error:

libsmb based programs must *NOT* be setuid root.
2206: Connection to dpswpgfs03 failed
SMB connection failed

Yet, with the binaries *NOT* setuid root, the command

[sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
username=sccook,workgroup=amr

Gives the error:

Password:
smbmnt must be installed suid root for direct user mounts (501,501)
smbmnt failed: 1

It seems to be a cyclical issue.  This was discovered on a clean
"everything" install of Red Hat 7.3 ("Valhalla").  Is this
intentional, that
non-root users can no longer use SMB?  This seems counter-productive.
Please advise.

Thank you for you time and effort on this issue.

Steve Cook
--steven.c.cook@intel.com--
--253.371.5646--

abartlet@samba.org

2002-May-28 18:36 UTC

head link

[Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int...

On Tue, May 28, 2002 at 04:43:14PM -0700, Cook, Steven C
wrote:> With smbmount/smbmnt/smbumount setuid root, the following command:
> 
> [sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
> 
> Gives the error:
> 
> libsmb based programs must *NOT* be setuid root.
> 2206: Connection to dpswpgfs03 failed
> SMB connection failed
> 
> Yet, with the binaries *NOT* setuid root, the command
> 
> [sccook@dpcv-valhalla32 sccook]$ smbmount //dpswpgfs03/install netmnt -o
> username=sccook,workgroup=amr
> 
> Gives the error:
> 
> Password:
> smbmnt must be installed suid root for direct user mounts (501,501)
> smbmnt failed: 1
> 
> It seems to be a cyclical issue.  This was discovered on a clean
> "everything" install of Red Hat 7.3 ("Valhalla").  Is
this intentional, that
> non-root users can no longer use SMB?  This seems counter-productive.
> Please advise.
smbmnt and smbumount *only* should be installed setuid root.  

smbmount is *NOT* secure when setuid root, and this check was added for your
safety.  (It would allow execution of any arbitary system command as root if
you did).

smbmnt is a small helper that is designed to allow the privilaged tasks to
be performed without undue risk.  It is intended to be safe, but somebody
should check it.

Andrew Bartlett

samba - May 2002 - Samba 2.2.3a does not allow non-root users to smbmount a share po int...

[Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int...

[Samba] Samba 2.2.3a does not allow non-root users to smbmount a share po int...