CVS update: samba/source/printing
Tim Potter
tpot at linuxcare.com.au
Tue Jul 11 11:17:32 EST 2000
Jeremy Allison writes:
> Modified Files:
> nt_printing.c
> Log Message:
> Allow name lookup to fail and fall back to using the "Everyone" SID
> as SD owner. Allows smbd to work without winbindd running.
> Check for security implications !
> Jeremy.
This is Not Good as if the SD is owned by Everyone, then anyone
can then apply changes to the security descriptor while winbindd
is not running. May I suggest changing the owner to the NULL sid
S-1-0-0? se_access_check() may have to be changed to not allow
access to an object owned by the NULL sid by a user with the NULL
sid.
Tim.
More information about the samba-cvs
mailing list