I have a security-sensitive customer...
David.Collier-Brown at Sun.COM
Thu May 19 12:24:22 GMT 2005
In a discussion of Samba behavior, a customer asked why smbd processes,
which had in 2.x spent the majority of their time running under
the uid of the user, switched to running under the root uid in 3.x.
They understand the performance costs, but normally
try to guarantee "least privilege", and are concerned that
Samba had moved away from that.
The material they store is corporate confidential, and
they are happy with the access control provided by the Unix
kernel (:-)). They wish to avoid privilege escalation
leading to access control done **solely** by Samba.
. Have we an answer to their concerns? In particular, are
there cases where the way we do it is more secure?
David Collier-Brown, | Always do right. This will gratify
Sun Microsystems, Toronto | some people and astonish the rest
davecb at canada.sun.com | -- Mark Twain
(416) 263-5733 (x65733) |
More information about the samba-technical