[Samba] Samba [2.2.3a-6] printing: looks like a major security hole?
Oleg Noskov
olegn at xandros.com
Thu May 16 10:50:02 GMT 2002
Hello,
We're running Samba 2.2.3a-6 on Debian (Woody).
With security level set to "share" we share a local printer and
everything works.
Now I'm trying to impose access restrictions on that printer:
-----------------------------------
[global]
security=share
printing=cups
printcap name=cups
...
[myprinter]
browseable=no
path=/tmp
public=no
printable=yes
writable=no
valid users=user1
-----------------------------------
Testing this from another Samba box works OK: only user1 can
successfully print.
Now guess what... I try to print from Win2K box logged in as another
user. It prints :(
How is Win2K able to bypass Samba security here?
Isn't it a major security hole?
Thanks,
Oleg Noskov
Xandros Corp.
More information about the samba
mailing list