new parameter: "secure include"
David Collier-Brown
davecb at canada.sun.com
Thu Jun 10 18:59:17 GMT 1999
CAE Samba Admin wrote:
> I understand the the loophole, but want to clarify the
> fix/shortcut (sorry, I'm not the most experianced unix programmer).
>
> If the actualy config file (not the symlink) is:
>
> /usr/local/samba/lib/smb_globals-dept.conf
>
> Then I should ensure that /usr/local/samba/lib meets the three
> conditions as well.
Yes.
> Also, it is accepted that checking this directory
> alone (not everything before it) is secure?
No, but it does catch the most common case.
--dave
More information about the samba-technical
mailing list