Samba 2.0.9 release - SECURITY FIX
NEZU, Kensuke
wizard at innocent.com
Fri May 11 15:01:47 GMT 2001
Michael Sweet wrote:
>
> Kenichi Okuyama wrote:
> > ...
> > 3) In 'samba/examples/' of both 2.2.0 and 2.0.*, there are many
> > smb.conf examples. And in them, you give (with commented out
> > though) example of how to share /tmp among peoples.
> > Won't this become problem? I mean, letting people open the
> > file inside /tmp directory do have chance of stepping onto
> > other people's temporary files, won't we?
>
> Not as long as the "sticky" bit is properly set on the share and
> the SAMBA usernames map to unique UNIX usernames...
I think it's BAAAD these examples for the purpose of guide for beginner
users because /tmp is usualy clean up by cron daemon.
I oftenly have been seen beginners' smb.conf that /tmp share used as their
important files share; *NOT* temporary file(s).
And they all said "I refered examples in Samba source."
Regards,
--
----------
Kensuke Nezu, nez at samba.gr.jp
Auditor , Samba Users Group in Japan
More information about the samba-technical
mailing list