smbpasswd changes root password

Herb Lewis herb at chomps.engr.sgi.com
Tue Jan 25 18:27:19 GMT 2000


Ramesh Babu wrote:
> 
> Hi,
> 
> This is a very scary problem I have here. I use a precompiled 2.0.6 samba
> on my SGI IRIX 6.3 system. I also have smbpasswd file setup. When I tried
> to change the samba password using smbpasswd program ( from a non root
> account whic I use) I got an error messgae saying that it cannot change
> the password. My goodness, I found that the instead of changing password
> for my account smbpasswd changed the root account password. This
> particular account has second group id "sys" and password program has both
> suid and sgid bits turned on. I do not know if this is some bug in the
> smbpasswd progarm or in my setting. I cannot imagine what would have
> happend if some other user has tried to change his samba password. Can
> anybody tell me what went wrong. Here is my smb.conf file.
> 

smbpasswd SHOULD NOT have suid and sgid bits set. The binaries that I
create have it set to 0755 only. Somebody has changed your settings.

-- 
======================================================================
Herb Lewis                                   Silicon Graphics 
Networking Engineer                          2011 N Shoreline Blvd
Strategic Software Organization              Mountain View, CA  94043  
herb at sgi.com                                 Tel: 650-933-2177
http://www.sgi.com                           Fax: 650-932-2177          
======================================================================


More information about the samba mailing list