Smbpasswd and setuid
Gerald (Jerry) Carter
jerry at samba.org
Sat Oct 20 05:58:02 GMT 2001
On Sat, 20 Oct 2001, The DJ wrote:
> You'r thinking too much unix style now ;-)
> It wouldn't be the mac way to do.
Has anyone mentioned that if the smbpasswd binary is setuid root,
then any user can change any user's password (or add accounts
such as root to the smbpasswd file)? Making the surrent smbpasswd
setuid root would be very bad in regards to security.
cheers, jerry
More information about the samba-technical
mailing list