[Samba] Samba4-AD - named.conf

Matthieu Patou mat at samba.org
Mon Feb 14 14:15:25 MST 2011


On 14/02/2011 23:34, nc-codewete at netcologne.de wrote:
> Hello Matthieu,
>
> here my settings:
>
> chown bind.bind /usr/local/samba/private/dns.keytab;
> chown bind.bind /usr/local/samba/private/named.conf;
> chmod 644 /usr/local/samba/private/dns.keytab;
> chmod 644 /usr/local/samba/private/named.conf;
>
> This was the only changes.
>
> I have checked the logs and found no errors about permissions-problems 
> and no other errors.
>
> It's this really a security-problem?
Potentially any person that has an access on your system has an access 
to the keytab of DNS, I wouldn't call it too great, as a rule of thumb 
the less you give rights the better you protect from future problems.



-- 
Matthieu Patou
Samba Team        http://samba.org
Private repo      http://git.samba.org/?p=mat/samba.git;a=summary




More information about the samba mailing list