svn commit: samba r23047 - in
branches/SAMBA_4_0/source/scripting/ejs: .
Rafal Szczesniak
mimir at samba.org
Tue May 22 06:43:45 GMT 2007
On Tue, May 22, 2007 at 04:32:30PM +1000, tridge at samba.org wrote:
> Rafal,
>
> > Well, yes, you're right. I messed the order :) But it should be ok,
> > to reverse the order of inclusion - defined paths first, local dir
> > second. This would allow not to substitue commonly used include files
> > and still be able to include something local.
>
> no, it's not OK. It's _never_ ok.
>
> Imagine that Samba is installed in /net/some_nfs/drive/samba and nfs
> is down. What happens then? smbstatus then goes to '.' and the
> security hole is back.
>
> Please just revert the patch. There is no way we should ever be
> looking in '.' for scripts or libraries of any kind.
ok, you're right. My foolish mistake. It's reverted now.
My life is more complicated back again ;-)
cheers,
--
Rafal Szczesniak
Samba Team member http://www.samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.samba.org/archive/samba-technical/attachments/20070522/2e29955d/attachment.bin
More information about the samba-technical
mailing list