[Samba] samba domain vs linux network security

mourik jan c heupink heupink at intech.unu.edu
Wed Nov 9 11:57:15 GMT 2005


Dear list,

I don't know if it is appropriate to ask here, if it is not, please 
point me to the right lists (suse-linux-e..?)

I am using a samba pdc right now, and we want to start using linux for 
(some) workstations as well. I have exported /home to my subnet, to 
allow access via nfs. (so you will have your home directory available 
both under windows and linux)

Under windows, you have to add a machine to the domain first, and only 
THEN you are able to connect to your home drive.

Under linux, I have to make sure that the user id's match up (ldap, so 
that's no problem) but some similar to "adding a workstation to the 
domain" is not necessary there. Doesn't this make windows networking 
much more secure?

Suppose I (as a regular user) would install my own linux machine, and 
created users and groups with the same id's as the ldap users / groups. 
My understanding now is, that I would be able to read other people's 
data. (I would simply have to find out each users uid, and that would 
allow me to pretend to be that user, and read his/her data)

I hope I am missing something vital here, or will this indeed work? That 
seems like a big security issue to me...




More information about the samba mailing list