[Samba] Samba4-AD - named.conf
Matthieu Patou
mat at samba.org
Mon Feb 14 14:15:25 MST 2011
On 14/02/2011 23:34, nc-codewete at netcologne.de wrote:
> Hello Matthieu,
>
> here my settings:
>
> chown bind.bind /usr/local/samba/private/dns.keytab;
> chown bind.bind /usr/local/samba/private/named.conf;
> chmod 644 /usr/local/samba/private/dns.keytab;
> chmod 644 /usr/local/samba/private/named.conf;
>
> This was the only changes.
>
> I have checked the logs and found no errors about permissions-problems
> and no other errors.
>
> It's this really a security-problem?
Potentially any person that has an access on your system has an access
to the keytab of DNS, I wouldn't call it too great, as a rule of thumb
the less you give rights the better you protect from future problems.
--
Matthieu Patou
Samba Team http://samba.org
Private repo http://git.samba.org/?p=mat/samba.git;a=summary
More information about the samba
mailing list