[Samba] Re: Security Hell

Darren Martz darren at shelbrook.com
Wed Aug 4 21:44:01 GMT 2004


Thanks for the response!!

I tried moving the readonly statement to the individual service entries. Two things happened...

1) I was able to browse but not write even though smbstatus shows that I am connected as an authorized user.

2) As an anonymous users, even public shares now require authorization to connect.




---------- Original Message ----------------------------------
From: "Jim C." <jcllings at javahop.com>
Date:  Wed, 04 Aug 2004 14:27:30 -0700

Darren Martz wrote:

> Problems:
> 1) when I change readonly to yes in global and authorized users do not have write access.

Suggest not putting it in global. Put it in the individual shares.

> 2) when I leave readonly in global as 'no' then "nobody" can write and change files??
> 3) when I add "nobody = *" to the user.map file nobody can log in or browse anything???
For 2 you may try placeing invalid users = nobody in the individual shares.

For 3 I think that what nobody = * means is that nobody = [everybody 
includeing admin user therefore admin privledges]

Try this HOWTO: http://us2.samba.org/samba/docs/man/Samba-Guide/

-- 

-----------------------------------------------------------------
| I can be reached on the following Instant Messenger services: |
|---------------------------------------------------------------|
| MSN: j_c_llings at hotmail.com  AIM: WyteLi0n  ICQ: 123291844 	|
|---------------------------------------------------------------|
| Y!: j_c_llings               Jabber: jcllings at njs.netlab.cz	|
-----------------------------------------------------------------

-- 
To unsubscribe from this list go to the following URL and read the
instructions:  http://lists.samba.org/mailman/listinfo/samba

 




________________________________________________________________
Sent via the WebMail system at shelbrook.com


 
                   


More information about the samba mailing list