URGENT: REDHAT 6.1 STORES SAMBA PRIVATE FILES IN /etc

Jeremy Allison jeremy at valinux.com
Mon Dec 20 22:48:21 GMT 1999


Luke Kenneth Casson Leighton wrote:
> 
> sum(0..n)(security)t tends to zero, as number of idiots tends to infinity.

Yes I know.

> jeremy, the pam writers created an /etc/security directory for these sorts
> of things. the /etc/security directory is there to make it really, really
> obvious that these files are not to be messed with.
> 
> we create a private/ directory for the same reasons.
> 
> we modify the permissions not only on the file but also on the directory
> to be root-access only.
> 
> redhat thinks otherwise, it seems.

I agree that what we do is more paranoid than what they
do, but you must understand that what they do is *NOT*
a security hole.

You must be *very* careful about screaming "security hole"
when no such problem exists. People get *very* twitchy,
and with good reason, when you publicly accuse them
of such things.

Remember the boy who cried wolf....

NOTE for the clueless :-).
RedHat 6.x does *NOT* have a security hole here !!!

Regards,

	Jeremy Allison,
	Samba Team.

-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
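
An added example, not part of the original message and not Samba or Red Hat code: a Python check for the two layers discussed in the thread, the private file's own mode and the mode of the directory that holds it. The `classify` helper, the file name and the modes used in `demo` are constructed for illustration.

```python
import os
import stat
import tempfile

OTHERS = stat.S_IRWXG | stat.S_IRWXO      # any group/other permission bit
OTHERS_WRITE = stat.S_IWGRP | stat.S_IWOTH

def classify(path, owner_uid=0):
    """Report which layers keep non-owners away from a private file."""
    path = os.path.abspath(path)
    f = os.stat(path)
    d = os.stat(os.path.dirname(path))
    file_closed = f.st_uid == owner_uid and not (f.st_mode & OTHERS)
    dir_closed = d.st_uid == owner_uid and not (d.st_mode & OTHERS)
    # A directory others can write to (without the sticky bit) lets them
    # rename or replace the file, whatever the file's own mode says.
    if d.st_mode & OTHERS_WRITE and not d.st_mode & stat.S_ISVTX:
        return "exposed"
    if file_closed and dir_closed:
        return "file+directory"           # private/ style: two layers
    if file_closed:
        return "file-only"                # /etc style: one layer, still closed
    if dir_closed:
        return "directory-only"
    return "exposed"

def demo():
    """Run classify() over constructed layouts in a temporary directory."""
    uid = os.getuid()                     # stand-in for root in this demo
    cases = [("etc-style", 0o755, 0o600), ("private-style", 0o700, 0o600),
             ("readable-file", 0o755, 0o644), ("dir-guard", 0o700, 0o644),
             ("writable-dir", 0o777, 0o600), ("sticky-dir", 0o1777, 0o600)]
    results = {}
    with tempfile.TemporaryDirectory() as root:
        secret = os.path.join(root, "secret.db")   # constructed file name
        with open(secret, "w") as fh:
            fh.write("constructed sample\n")
        for label, dir_mode, file_mode in cases:
            os.chmod(root, dir_mode)
            os.chmod(secret, file_mode)
            results[label] = classify(secret, uid)
        os.chmod(root, 0o700)             # restore before cleanup
    return results

if __name__ == "__main__":
    for label, verdict in demo().items():
        print(f"{label:14} {verdict}")
```
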