inappropriate checking in smbpasswd when changing passwords (api_SamOEMChangePassword in smbd/ipc.c)

David Collier-Brown - Sun Canada davecb at
Tue Apr 11 12:10:05 GMT 2000

"James Caccese" <jwcacces at> wrote:
| the server checks the old password against an entry in smbpasswd [file]. 
| This means the users can only change their password if smbpasswd [file] is
| kept in sync with the unix password database!

	Thank you, kind sir: you just explained what another 
	commentator was going nuts over.  And yes, it indeed
	sounds bogus...
David Collier-Brown in Boston
Phone: (781) 442-0734, Room BUR03-3632

More information about the samba-technical mailing list