VB: become_root remove patches (head)
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Wed Aug 18 22:24:12 GMT 1999
On Wed, 18 Aug 1999, Stephen Langasek wrote:
> Sorry, another thing occured to me... you wouldn't want /all/ the
> information in the smbpasswd file moved to individual files owned by the
> users. Users could not only fill the files with bogus data, they could also
> do things like, oh... re-enabling their own accounts after they've been
> disabled by the administrator.
that's controlled by ACB bits [UD ] (which means it's a user
account and it's disabled) which should remain in private/smbpasswd.
smbpassfile.c contains user passwords plus a time stamp (last changed
time) which is _Exactly_ what's needed.
> Also, Unix traditionally requires the user to be able to prove he knows the
> old password before allowing a password change. Compromising user accounts
> becomes a lot easier if any process running with the user's permissions can
> modify the smb password entry.
then that's a good reason to stick to using become_root() around the user
password change call, then, innit? :-)
More information about the samba-technical