No subject

Tue Dec 2 04:10:01 GMT 2003

Installing Samba 

It's important to run the latest version of Samba. For example, a security 
hole has been discovered in versions 2.2.2 through 2.2.6 of Samba that could 
potentially allow an attacker to gain root access on the target machine. It 
pays to stay up to date ;-) 

Download the files: 

$ wget
$ wget 

These days, it's strongly recommended that you verify the PGP signature for 
any source file before installing it. Download the Samba PGP Public Key file 
from and run: 

$ gpg --import samba-pubkey.asc
$ gpg --verify samba-2.2.7.tar.gz.asc 

If you receive a message like, "Good signature from Samba Distribution 
Verification Key..." then all is well. The warnings about trust 
relationships can be ignored. An example of what you would not want to see 
would be: 

gpg: Signature made Mon Aug 26 19:06:30 2002 PDT using RSA key ID 628E0A02
gpg: BAD signature from "Samba Distribution Verification Key" 

----- End forwarded message -----

More information about the samba-technical mailing list