FW: URGENT: REDHAT 6.1 STORES SAMBA PRIVATE FILES IN /etc
Matthias Wächter
matthias at waechter.wol.at
Wed Dec 22 08:32:37 GMT 1999
On Wed, 22 Dec 1999, Chris Tooley wrote:
> Samba's apps could do something like sendmail. sendmail will not run unless
> base set of sane permissions exist on various files and directories, unless
> you
> set a particular macro (I think that is the right word) to true. The macro
> is something like DontBlameSendmail. I think this is a pretty good approach,
> and could easily be incorparated into Samba...james
I would suggest to make this not an option for the configs (i.e. like an
m4 macro in sendmail) but a compile time option. This has two points:
1. Admins really have to know what they do if they do what they wanna do.
2. Hackers had to recompile Samba instead of just gaining access to the
config to unlock this part of the security scheme.
Sehr Wus,
- Matthias
--
Wer reitet so spät durch Nacht und Wind?
- Wos waas I
-----------------------------------------------------------------------------
More information about the samba-ntdom
mailing list