samba4 auth and recovery password
Henrik Nordstrom
hno at squid-cache.org
Sun Nov 13 18:01:08 GMT 2005
On Sun, 13 Nov 2005, Simo Sorce wrote:
> 1. If samba4 configured with --recoverypass=**** then on make install it
> will install a recoverypass.txt file owned by root and with 600
> permissions in /private
I would advise against this. Configure options get recorded in a bit too
many places, and the way users use configure parameters many users will
enter sensitive passwords to this option, unaware that their entry will be
recorded in plain text all over the build tree and command history.
> 2. In any case if a file is found the password is read from there.
Good. Please also support hashed form.
> 3. If the file does not exist, samba4 will generate a random password at
> runtime and place it in the file.
Why?
For security reasons a recovery password should only be available if
configured. And as you point out once the system has been configured the
recovery password has fulfilled its job and should at that point be
disabled permanently (until manually reset again).
Better to provide a separate tool for setting (and enabling) the recovery
password.
Regards
Henrik
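
Added example, not part of the original message and not Samba code: one way the separate tool suggested above could behave, storing only a salted hash in a 0600 file, prompting for the password instead of taking it as an option, and treating a missing file as "recovery disabled". The file path default, the record format and all function names are assumptions.

```python
import hashlib, hmac, os, secrets, stat

RECOVERY_FILE = "recoverypass.txt"   # assumed path; the thread places it in /private
SCHEME = "pbkdf2-sha256"             # assumed record format: scheme$salt$hash (hex)

def _derive(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def set_recovery_password(password, path=RECOVERY_FILE):
    """Enable recovery by storing a salted hash, never the password itself."""
    salt = secrets.token_bytes(16)
    record = f"{SCHEME}${salt.hex()}${_derive(password, salt).hex()}\n"
    tmp = path + ".tmp"
    fd = os.open(tmp, os.O_WRONLY | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        os.fchmod(fd, 0o600)          # enforce 0600 regardless of umask or a stale tmp
        os.write(fd, record.encode())
    finally:
        os.close(fd)
    os.replace(tmp, path)             # atomic swap: readers never see a partial file

def check_recovery_password(candidate, path=RECOVERY_FILE):
    """True only if recovery is configured, the file is private, and the hash matches."""
    try:
        st = os.stat(path)
        if st.st_uid != os.geteuid() or stat.S_IMODE(st.st_mode) & 0o077:
            return False              # wrong owner or group/other access: do not trust it
        with open(path) as fh:
            scheme, salt_hex, hash_hex = fh.read().strip().split("$")
        salt, stored = bytes.fromhex(salt_hex), bytes.fromhex(hash_hex)
    except (FileNotFoundError, ValueError):
        return False                  # missing or malformed file: recovery stays disabled
    if scheme != SCHEME:
        return False
    return hmac.compare_digest(_derive(candidate, salt), stored)

def disable_recovery(path=RECOVERY_FILE):
    """Remove the file once setup is done; nothing regenerates it at runtime."""
    try:
        os.remove(path)
    except FileNotFoundError:
        pass

if __name__ == "__main__":
    import getpass                    # prompt, so the password never reaches argv or history
    set_recovery_password(getpass.getpass("New recovery password: "))
```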