[Bug 380272] [NEW] /etb/mtab shows cifs mount options usernames and password

Launchpad Bug Tracker 380272 at bugs.launchpad.net
Wed Jun 3 22:56:56 BST 2009

*** This bug is a security vulnerability ***

You have been subscribed to a public security bug:

Binary package hint: mount

When mounting CIFS share you can read all mount options from /etc/mtab.
This is major security risk if you are using shared network resources.
Here is example of mine cifs mount information:

//****t /home/<username>/Mount/Te****t cifs
0 0

I found this on Ubuntu 8.10 server and 9.10 desktop edition.

Could this one fix it : 

- Terrrorr

** Affects: samba (Ubuntu)
     Importance: Undecided
         Status: Confirmed

/etb/mtab shows cifs mount options usernames and password
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in ubuntu.

More information about the Ubuntu-server-bugs mailing list