Hi, It is actually a temporary mesure until mount.cifs will be fixed to be safe when it is setuid, see : http://lists.samba.org/archive/linux-cifs-client/2010-February/005558.html
As I understand, the threat is a local root exploit. But I think that a lot of people don't expect that somebody make a local root exploit in their computer. For example the people that are the only user using their computer. Nobody else than them can login, right ? So why not instead of making impossible mount.cifs to be used setuid (which seems to me not improving the security for all the users), tell the users when it is safe to be launch setuid and when it is not, so they could make the choice ? Bye Jonas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
