<snip> mount.cifs in 3.0.25b is assuming wrong semantics for the CIFS_IOC_CHECKUMOUNT ioctl: the return value of ioctl() is checked for a value > 0, when the standard error return from ioctl (and the error return in this case) is -1 with errno set to a more descriptive value. As a result of misinterpreting the return value, umount.cifs is allowing all users to unmount shares mounted by any other user. In specialized circumstances, this could become a security hole if a user believes their mount point is safe and the share is unmounted to expose malicious directory contents below. <snip> @dev-zero - I made an updated tarball and grabbed a patch from GIT, see http://dev.gentooexperimental.org/~jakub/overlay/net-fs/mount-cifs/ for updated ebuild. This also fixes Samba bug 4781 (umount.cifs can't clean up /etc/mtab if trailing slashes used).
Samba herd, please bump.
Done. Thanks, Jakub!
arches, please stabilize net-fs/mount-cifs-3.0.28.
x86 stable
ppc and ppc64 done
Stable for HPPA.
amd64 done.
alpha/ia64/sparc stable
adding mips
This one is ready for GLSA vote. I vote NO.
voting NO too, and closing.