[Samba] PROPOSAL: Remove SWAT in Samba 4.1

Rob Townley rob.townley at gmail.com
Sun Feb 17 23:23:27 MST 2013

This is why it is smart to use a dedicated Firefox profile for banking,
another profile just for email, another profile for web browsing.    And of
course, another dedicated profile for internal systems only such as
for managing dd-wrt, switches, iLO,  DRAC, webcams, webmin and swat.

Safer is to have a dedicated swat xulrunner app.

If you want to be safest, use Qubes-OS.

Every user on the internet should know the following commands:
Firefox -no-remote -CreateProfile swatUseOnly
Firefox -no-remote -P swatUseOnly

I use swat when I want to find the new config options because it is often
the only documentation.  Keep swat.  It is not swan's fault, it is the

On Sunday, February 17, 2013, Andrew Bartlett <abartlet at samba.org> wrote:
> On Sun, 2013-02-17 at 20:52 -0500, Nico Kadel-Garcia wrote:
>> On Sun, Feb 17, 2013 at 7:02 PM, Andrew Bartlett <abartlet at samba.org>
>> > As most of you would have noticed, we have now had 3 CVE-nominated
>> > security issues for SWAT in the past couple of years.
>> Has "webmin" kept up to date with the latest structural changes in
>> smb.conf? I'll admit that I've long preferred the "webmin" module
>> structure over the dedicated add-on structures of "swat".
> It seems webmin has much the same challenges, perhaps because it's a
> package of a similar age.  Or web security is just hard...
> http://www.webmin.com/security.html
> smb.conf hasn't changed structure in a long time, but we do add/remove
> options each release.  Neither is likely to do the AD DC stuff very well
> right now.
> Andrew Bartlett
> --
> Andrew Bartlett                                http://samba.org/~abartlet/
> Authentication Developer, Samba Team           http://samba.org
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list