[Samba] valid users = %S in rc4
Jeremy Allison
jra at samba.org
Fri Sep 26 18:05:19 GMT 2003
On Fri, Sep 26, 2003 at 10:28:00AM -0600, Petty, Robert wrote:
> No, I haven't filed a bug report...
>
> The key part of my message "was":
> "Since nobody's home > directory was "/" > > it would open the root
> directory"
>
> I have changed it since I immediately recognized it as a security issue.
>
> The initial response to "Why is 'nobody' home set at '/' - why not '/tmp'
> or" is that when you install a brand new version of Solaris 9, that's how
> Sun sets it. Ironically, applying jass didn't change it! Seems to me that
> jass missed a key issue. anyhow, I'm heading off topic.
>
> This will be interesting to see how the %S plays out since we essentially
> require it to enforce security for home directories....
I intend to fix it. Please wait for a patch.
Thanks,
Jeremy.
More information about the samba
mailing list