URGENT: REDHAT 6.1 STORES SAMBA PRIVATE FILES IN /etc
Luke Kenneth Casson Leighton
lkcl at samba.org
Mon Dec 20 21:45:43 GMT 1999
On Mon, 20 Dec 1999, Jeremy Allison wrote:
> Luke Kenneth Casson Leighton wrote:
> >
> > dear redhat,
> >
> > i examined a friend's system today, to help him configure it. assuming
> > that he just "installed" from scratch the samba package, it appears that
> > you have provided a default smb.conf file for redhat 6.1 that puts samba
> > private configuration files in /etc. the suggested options, for example
> > show "smbpasswd file = /etc/smbpasswd".
> >
> > this is REALLY bad.
> >
> > 1) you CANNOT put smbpasswd in /etc.
> >
> > 2) you CANNOT put private files DOMAIN.TRUST_ACCOUNT.mac in /etc.
> >
> > i know that these require root access, however if your users start to
> > assume that just because these files are in /etc, they are equivalent to
> > /etc/passwd, they may decide to make these world-readable, and as a result
> > they will compromise the security of the box, and potentially the security
> > of remote nt-compatible boxes too (including other samba servers) because
> > these files contain CLEAR_TEXT EQUIVALENT PASSWORDS.
>
> Hang on a sec. Luke. They can do this so long as these
> files are read only by root. Only stupid people will
> change these files to world readable. Stupid people
> shouldn't be admining systems :-).
sum(0..n)(security)t tends to zero, as number of idiots tends to infinity.
> I agree it would be safer to have a /etc/samba-private
> directory set root only, but they do not ship the system
> as insecure by default (ie. they *can* put root read
> only files in /etc, and it *is* safe to do so).
jeremy, the pam writers created an /etc/security directory for these sorts
of things. the /etc/security directory is there to make it really, really
obvious that these files are not to be messed with.
we create a private/ directory for the same reasons.
we modify the permissions not only on the file but also on the directory
to be root-access only.
readhat thinks otherwise, it seems.
More information about the samba-technical
mailing list