[samba-tng] "invalid users = root" causes tng to fail.
Luke Kenneth Casson Leighton
lkcl at samba.org
Sat Mar 11 01:34:57 GMT 2000
On Fri, 10 Mar 2000, Karl Denninger wrote:
> On Sat, Mar 11, 2000 at 11:48:31AM +1100, Luke Kenneth Casson Leighton wrote:
> > On Fri, 10 Mar 2000, Karl Denninger wrote:
> >
> > > "valid users = root" does NOT have to be there.
> >
> > correct. actually, what i've done, because it's become_vuser() and only
> > used in dce/rpc daemons, is to disable check_vuser_ok() which means that
> > valid users and invalid users doesn't apply to the msrpc services, any
> > more.
> >
> > if anyone _really_ wants to be able to deny or permit access to msrpc
> > services, let me know, and i'll arrange something.
>
> Isn't there a potential problem if you can do msrpc things in general?
it's a long story, karl. pipes themselves are the "first line of
defence". from thereon, it's a per-function permission issue, on a
case-by-case basis.
More information about the samba-technical
mailing list