No subject
Tue Dec 2 04:10:01 GMT 2003
Installing Samba
It's important to run the latest version of Samba. For example, a security
hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could
potentially allow an attacker to gain root access on the target machine. It
pays to stay up to date ;-)
Download the files:
$ wget http://us1.samba.org/samba/ftp/samba-2.2.7.tar.gz
$ wget http://us1.samba.org/samba/ftp/samba-2.2.7.tar.gz.asc
These days, it's strongly recommended that you verify the PGP signature for
any source file before installing it. Download the Samba PGP Public Key file
from http://us1.samba.org/samba/ftp/samba-pubkey.asc and run:
$ gpg --import samba-pubkey.asc
$ gpg --verify samba-2.2.7.tar.gz.asc
If you receive a message like, "Good signature from Samba Distribution
Verification Key..." then all is well. The warnings about trust
relationships can be ignored. An example of what you would not want to see
would be:
gpg: Signature made Mon Aug 26 19:06:30 2002 PDT using RSA key ID 628E0A02
gpg: BAD signature from "Samba Distribution Verification Key"
----- End forwarded message -----
--
Martin
More information about the samba-technical
mailing list