[ALUG] How to mount a CIFS file system as a user?

Chris G cl at isbd.net
Thu Oct 18 08:43:00 BST 2007


On Thu, Oct 18, 2007 at 02:16:09AM +0100, Wayne Stallwood wrote:
> On Wed, 2007-10-17 at 22:01 +0100, Chris G wrote:
> > There are a few references to this if you do a Google search.
> > 
> > It turns out that the easy way to get it to work is to set the SUID
> > bit on /sbin/mount.cifs and /sbin/umount.cifs, it now works for me.
> 
> Does that not leave the system quite vulnerable ?
> 
> If you suid mount commands couldn't I (as a user) now copy /etc to a
> cifs share someplace, change passwd and then mount it back over
> your /etc to gain root ?
> 
> Or am I missing something that would prevent that from working ?
> 
It does say (in some of the places where it suggests it) that one must
have an environment where users are trusted.  Since my environment is
just me all I need to protect against is my stupidity/fallibility.

In addition the /etc/shadow file shouldn't be readable to anyone
except root and so won't get copied if you copy /etc, I expect there
may be other files in /etc that aren't world readable for the same
reason.

-- 
Chris Green




More information about the main mailing list