Samba 2.0.9 release - SECURITY FIX

[NEZU, Kensuke]

Michael Sweet wrote:
> 
> Kenichi Okuyama wrote:
> > ...
> > 3) In 'samba/examples/' of both 2.2.0 and 2.0.*, there are many
> >   smb.conf examples. And in them, you give (with commented out
> >   though) example of how to share /tmp among peoples.
> >   Won't this become problem? I mean, letting people open the
> >   file inside /tmp directory do have chance of stepping onto
> >   other people's temporary files, won't we?
> 
> Not as long as the "sticky" bit is properly set on the share and
> the SAMBA usernames map to unique UNIX usernames...

I think it's BAAAD these examples for the purpose of guide for beginner
users because /tmp is usualy clean up by cron daemon.
I oftenly have been seen beginners' smb.conf that /tmp share used as their
important files share; *NOT* temporary file(s).
And they all said "I refered examples in Samba source."
 
Regards,
--
----------
Kensuke Nezu, nez at samba.gr.jp
Auditor , Samba Users Group in Japan