I have a security-sensitive customer...

David Collier-Brown David.Collier-Brown at Sun.COM
Thu May 19 12:24:22 GMT 2005


  In a discussion of Samba behavior, a customer asked why smbd processes,
which had in 2.x spent the majority of their time running under
the uid of the user, switched to running under the root uid in 3.x.

  They understand the performance costs, but normally 
try to guarantee "least privilege", and are concerned that
Samba had moved away from that.

  The material they store is corporate confidential, and 
they are happy with the access control provided by the Unix 
kernel (:-)). They wish to avoid privilege escalation 
leading to access control done **solely** by Samba.

 . Have we an answer to their concerns? In particular, are 
there cases where the way we do it is more secure?

--dave
-- 
David Collier-Brown,      | Always do right. This will gratify
Sun Microsystems, Toronto | some people and astonish the rest
davecb at canada.sun.com     |                      -- Mark Twain
(416) 263-5733 (x65733)   |


More information about the samba-technical mailing list