Samba Security breach ?
Anders C. Thorsen
anders at cwd.no
Wed Jan 3 16:52:51 GMT 2001
It could be because on HP-UX the user nobody is not allowed to use shared
memory.
Also, ofthen nobody has a userid that's too high for a 16bit word, and
sometimes it has -1.
--Anders
-----Original Message-----
From: samba-technical-admin at us5.samba.org
[mailto:samba-technical-admin at us5.samba.org]On Behalf Of Welsh, Armand
Sent: Wednesday, January 03, 2001 5:09 PM
To: 'Ron Alexander'; Samba-Technical
Subject: RE: Samba Security breach ?
Just curious, what happens if you map user student, to account ftp, or some
other account that has restricted access rights. I remember reading
somewhere that it's prefered to use a guest user account, like ftp, instead
of nobody, for restricted shares. Though I don't remember what the reason
was... I will investigate, and see if it has anything to do with this
situation.
-> -----Original Message-----
-> From: Ron Alexander [mailto:rcalex at home.com]
-> Sent: Wednesday, January 03, 2001 4:27 AM
-> To: Samba-Technical
-> Subject: Fw: Samba Security breach ?
-> > When I created a Unix user student everything behaved like
-> normal. I could
-> > not access share jdoe. It seems to me that there is a bug
-> in the Samba
-> > source somewhere where the mapping from student to nobody
-> is being done.
-> > I have looked at the code, but is is not easy to
-> comprehend what is going
-> > on.
More information about the samba-technical
mailing list