[Samba] Winbind local idmap/cache database security concerns

Shawn Iverson shawn at nccsc.k12.in.us
Thu Jan 22 01:29:41 GMT 2004

> From: Andrew Bartlett [mailto:abartlet at samba.org]
> Sent: Wednesday, January 21, 2004 5:33 PM
> Secondly, you will notice that /usr/sbin is accessible by all 
> users, it
> is just not in the default path for all users, as most users 
> don't have
> the *need* to access those programs.  That said, a 'normal user' can
> (and often will) run /sbin/ifconfig, or similar tools for perfectly
> legitimate reasons.
> Finally, by removing these basic system programs, shell 
> scripts that use
> them for the designed purpose will break.
> Andrew Bartlett

Thanks to everyone who responded to my post.  I found the information very
beneficial.  I can't wait to deploy linux workstations in our domain and
finally start breaking away from the grip of Microsoft!

More information about the samba mailing list