[Samba] [Announce] Samba 4.8.0rc4 Available for Download

Jonathan Hunter jmhunter1 at gmail.com
Thu Mar 1 22:34:35 UTC 2018

Thank you to all the team for the work on this.

On 1 March 2018 at 20:26, Karolin Seeger via samba <samba at lists.samba.org>

> [...]
> Encrypted secrets
> -----------------
> Attributes deemed to be sensitive are now encrypted on disk.
> [...]
> The key file "encrypted_secrets.key" is created in the same directory
> as the database and should NEVER be disclosed.  It is included by the
> samba_backup script.

Can I ask (genuine question) - what is the gain from encrypting the
secrets, but also keeping the key in the same directory?

I am all for encrypting data on disk; I'm just not sure what is gained in
this scenario. If an attacker has access to the database file, the same
attacker would also have access to the key, wouldn't they?

Not that I can think of any alternatives, given that the server does of
course need the key itself in order to decrypt and use the database - I
just wanted to understand the thinking behind the feature.

(Also - the notes state that an in-place upgrade won't encrypt the
database.. is there a command-line way to trigger an encrypt, should it be



"If we knew what it was we were doing, it would not be called research,
would it?"
      - Albert Einstein

More information about the samba mailing list