[Samba] samba domain vs linux network security
mourik jan c heupink
heupink at intech.unu.edu
Wed Nov 9 11:57:15 GMT 2005
I don't know if it is appropriate to ask here, if it is not, please
point me to the right lists (suse-linux-e..?)
I am using a samba pdc right now, and we want to start using linux for
(some) workstations as well. I have exported /home to my subnet, to
allow access via nfs. (so you will have your home directory available
both under windows and linux)
Under windows, you have to add a machine to the domain first, and only
THEN you are able to connect to your home drive.
Under linux, I have to make sure that the user id's match up (ldap, so
that's no problem) but some similar to "adding a workstation to the
domain" is not necessary there. Doesn't this make windows networking
much more secure?
Suppose I (as a regular user) would install my own linux machine, and
created users and groups with the same id's as the ldap users / groups.
My understanding now is, that I would be able to read other people's
data. (I would simply have to find out each users uid, and that would
allow me to pretend to be that user, and read his/her data)
I hope I am missing something vital here, or will this indeed work? That
seems like a big security issue to me...
More information about the samba