[Samba] winbind - security hole?

Roland Schwarz roland.schwarz at chello.at
Mon Mar 20 07:54:22 GMT 2006

I am trying to use winbind to authenticate users from some linux based
workstations against a (linux based) PDC. I have set ldap as the Idmap
backend to get consistent uid/gid mapping across the domain. Everything
works fine so far.


The client workstation has the full right to modify the Idmap mappings.
Of course only root on the client workstation is able to see the
password in plain that is necessary to do this.

Consequently, if someone has root access on any single workstation,
he can modify the mapping at will to get root access to the entire
domain. The only remedy I can see is to disallow root access on all
workstations (which is a very undesirable fact).

Am I missing something, or is there a different setup possible to
close this security loophole?