svn commit: samba r19383 - in
idra at samba.org
Wed Oct 18 13:11:12 GMT 2006
On Wed, 2006-10-18 at 09:00 -0400, derrell at samba.org wrote:
> Andrew Bartlett <abartlet at samba.org> writes:
> > On Wed, 2006-10-18 at 00:29 +0000, derrell at samba.org wrote:
> >> Author: derrell
> >> Date: 2006-10-18 00:29:26 +0000 (Wed, 18 Oct 2006)
> >> New Revision: 19383
> >> WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=19383
> >> Log:
> >> pass only the base filename of an ldb file to be opened; allow server to prepend path where it's located (private_dir)
> >> Modified:
> >> branches/SAMBA_4_0/services/samba/ldb.esp
> > I'm a bit worried about the idea that a web client can specify a file to
> > open on the server. Can't we have a hard-coded list instead?
> > A number of databases do not have explicit access control, as they are
> > file-permissions are restricted to root, and are only used internally.
> Once I put in an authentication function, you'll have only the same access
> that you already have using the ejs interface with smbscript. That should
> mitigate your concern. Also, I assume (erroneously?) that smbd runs as a
> non-root user except when it needs to be root, so the web server wouldn't have
> access to permissions-protected files anyway. Is that an invalid assumption?
Beeeeep, wrong assumption! :-)
We often run as root (samba 3 too).
For file access via CIFS we run as user of course, but I don't think we
switch user on other protocols, we should probably consider carefully if
it we should sooner or later. But often services need to access files
available only to root (kerberos keytab and ldap passwords come to mind,
there are probably other files).
Samba Team GPL Compliance Officer
email: idra at samba.org
More information about the samba-technical