Best choice for ntlm_auth's access to winbindd_privileged
abartlet at samba.org
Thu Sep 14 21:46:33 GMT 2006
On Thu, 2006-09-14 at 20:50 +0400, Dmitry Butskoy wrote:
> According to nltm_auth(1) man page,
> > Some of these commands also require access to the directory win-
> > bindd_privileged in $LOCKDIR. This should be done either by running
> > this command as root or providing group access to the winbindd_privi-
> > leged directory. For security reasons, this directory should not be
> > world-accessable.
> As a rpm packager (for mod_ntlm_winbind under Fedora Extras) I'm trying
> to find some solution to avoid the need of manual permission changes
> after the install. In other words, to write some post-install scripts
> for the package which do this job automatically.
> My question is:
> For security reasons, just the directory should not be world-accessable,
> or even ntlm_auth binary itself should not be world-accessable too? In
> other words, is the setgid way security clean?
No, it is not. The binary does not enforce any more security control
over the critical point (being able to specify the challenge) than the
raw socket does.
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Red Hat Inc. http://redhat.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20060915/3893eec9/attachment.bin
More information about the samba-technical