similar to: Setuid bit always set on Vista mount

I'm not sure this is the proper forum to post to, but I hope someone can point me in the right direction if not have the answers. We have a RedHat Enterprise 5 AS machine, fully patched, with the most recent samba RPMs installed. The machine is joined to Active Directory via a 3rd party program called Centrify. An AD user, when logged into this system, is given permission to run /bin/mount via

Hi OpenSSH developers, I'm using OpenSSH on a daily basis and I'm very pleased with the work you've done. I am contributing to some Open Source software hosted at Savannah https://savannah.nongnu.org/projects/tsp and we recently hit some sftp unexpected behavior: https://savannah.gnu.org/support/?105838 when using chmod sftp client command it appears that setuid / setgid bits are

https://bugzilla.mindrot.org/show_bug.cgi?id=1893 Summary: change ssh-keisign to setgid from setuid Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org

Package: logcheck-database Version: 1.2.33 Severity: normal I just installed 1.2.33, and it made my rules dirs setuid, not setgid... - Marc -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (900, 'testing'), (300, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.8-1-k7 Locale: LANG=en_CA, LC_CTYPE=en_CA (charmap=ISO-8859-1) Versions of

version: rsync v2.6.1 (+ a minor, unrelated patch). I'm rsyncing files (not as root) and am happy (indeed, for what I want, delighted) that the files at the target side end up owned by the account doing the rsync. However, I've found that if I have a setuid/setgid file on the source side, the target file ends up setuid/setgid too (but under a different id!). This happens whether

Hello everyone. I hope I can get some help with this problem we are having. We have a CIFS mount (from a NetApp) were we write files (php application). Then the files are being copied to a directory in the same CIFS filesystem, then a process on a Windows server picks up the file and deletes it. The thing is, later the php app, generates a new file and when it tries to copy it it says

Hi We are building a Linux app under Centos 5.3, using gnu make 3.81 and gcc 4.12. The working directory is on a remote machine and is either a Samba share or a Windows 7 share. We find that in the case of a Windows 7 share the resulting executable has the sticky bit set in group: On Windows 7 share: -rwxrwSrwx 1 <snip> myapp On Samba share: -rwxrwx--x+ 1 <snip> myapp The

Hi all again... I did a chroot patch with ability to change uid and gid. I dunno if you all approve with the current implementation but the patch is small and it works here. remember to CC, since i'm not on this ml... //Ian Kumlien PS. To anyone on vorbis-dev, I'm *REALLY* sorry must be tired or something.. =) DS. <p><p><p> -------------- next part -------------- A

I was trying to process a bunch of folders to sync them to another drive and ran across an error I haven’t seen before. Normally I do this sync via a mounted file system, but this time I tried to do it over ssh: find . -type f -atime -1 -exec rsync -aP {} 10.0.0.11:/Volumes/Drive5/{} \; bash: -c: line 0: syntax error near unexpected token `(' bash: -c: line 0: `rsync --server -logDtpre.iLsfx

Apologies for v3 series, I had some extra patches in there. This is the one that should have been sent. Relabeled as v4 for clarity. Third respin of this series. Reordered for better safety for bisecting. The environment scraping is now on by default, but can be disabled with "-E" in environments where it's not needed. Also, I've added a patch to make cifs.upcall drop

All, Could someone explain the purpose of the uidswap functions with respect to ssh ( the client ). From what I gathered , ssh installs as setuid root and swaps ids when reading potential key files that may be read only by root. Also , I think when binding to a privileged port ssh swaps id. Is that so? What are the consequnences if you do not install ssh setuid root? ( As far I as know no uid

https://bugzilla.mindrot.org/show_bug.cgi?id=1310 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |1452 --- Comment #3 from Damien Miller

I think this is more a philosophical issue. Some people want all applications to be like windows. "Are you sure you want to delete this file" <YES> "really"<yes>"it might make something stop working<yes>"permission denied". Unix assumes you know what you're doing. If you don't, tough. There's no reason you can't make a

On Fri, 19 Jul 2002, Dan Stromberg wrote: > Many apologies. If we update on the nfs server, as we've intended all > along, we should have no .nfs* files. Well, here's one thing that could make them, even if they're being created only directly, not over NFS. I'm watching the directory you're syncing into. I open the file while it's still there. You delete it, and

Small respin of the patches that I posted a few days ago. The main difference is the reordering of the series to make it do the group and grouplist manipulation first, and then the patch that makes it grab the KRB5CCNAME from the initiating process. I think the code is sound, my main question is whether we really need the command-line switch for this. Should this just be the default mode of

Hi All, I've done quite a bit of research on this one and if I'm honest about the cause of this "fault" it's probably because I'm trying to do too much "outside the box" :) Nevertheless I enjoy the challenge so here is the scenario: I have a Samba Service (v3.2.5) providing file shares running on Debian 2.6. The samba server uses a Windows Domain server for

I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with "user" and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked

> > > never seen a file created with a newline in the filename > > (except, perhaps as a test). The newline in filename issue > > And in security exploits :-) Given a newline-based format, one *must* > quote or deny newlines in filenames, not assume they're rare. (No > obvious reason not to use URL-style %-quoting, or mime-style > =-quoting, if you want to

> > This brings up an issue that I believe can be solved in a simpler way than > > with brute force C code. I suspect some of you will cringe when you hear > > this, but a taintperl log parsing program would be best for this. rsync > > could generate a verbose log file that is not human readable, designed to > > be read by a perl postprocessing script. I think this

Hello! Please, help! I have trouble with Dovecot's Deliver utility. I don't know how to avoid errors. Let me know what additional related information do you need? 1) Its call in Exim's configure: ========================================== local_delivery_spam_transport: driver = pipe command = /usr/local/libexec/dovecot/deliver -c