Samba Security breach ?

Anders C. Thorsen anders at
Wed Jan 3 16:52:51 GMT 2001

It could be because on HP-UX the user nobody is not allowed to use shared
Also, ofthen nobody has a userid that's too high for a 16bit word, and
sometimes it has -1.


-----Original Message-----
From: samba-technical-admin at
[mailto:samba-technical-admin at]On Behalf Of Welsh, Armand
Sent: Wednesday, January 03, 2001 5:09 PM
To: 'Ron Alexander'; Samba-Technical
Subject: RE: Samba Security breach ?

Just curious, what happens if you map user student, to account ftp, or some
other account that has restricted access rights.  I remember reading
somewhere that it's prefered to use a guest user account, like ftp, instead
of nobody, for restricted shares.  Though I don't remember what the reason
was... I will investigate, and see if it has anything to do with this

-> -----Original Message-----
-> From: Ron Alexander [mailto:rcalex at]
-> Sent: Wednesday, January 03, 2001 4:27 AM
-> To: Samba-Technical
-> Subject: Fw: Samba Security breach ?
-> > When I created a Unix user student everything behaved like
-> normal. I could
-> > not access share jdoe. It seems to me that there is a bug
-> in the Samba
-> > source somewhere where the mapping from student to nobody
-> is being done.
-> > I have looked at the code, but is is not easy to
-> comprehend what is going
-> > on.

More information about the samba-technical mailing list