Re: possible samba security problem

To: Thorsten Giese <t.giese@anw.de>
Cc: debian-security@lists.debian.org
Subject: Re: possible samba security problem
From: Daniel van Eeden <daniel_e@dds.nl>
Date: Thu, 27 Jan 2005 17:11:51 +0100
Message-id: <[🔎] 1106842312.26102.1.camel@scn-lan37.snowcn.snow.nl>
In-reply-to: <[🔎] 200501271528.57151.t.giese@anw.de>
References: <[🔎] 200501271528.57151.t.giese@anw.de>

Use setfacl to set/remove rights to smbstatus.
Example:
chmod 700 /usr/bin/smbstatus
setfacl -m u:adminuser:r-x /usr/bin/smbstatus
setfacl -m u:baduser:--- /usr/bin/smbstatus

Use groups instead of users when posible.
setfacl is part of the acl package.

On Thu, 2005-01-27 at 15:28 +0100, Thorsten Giese wrote:
> Hello there. 
> 
> I just discovered, that smbstatus can be run by a normal user. It gives 
> sensible Information about usernames and pathes to files (locked files). I do 
> not find this behaviour reasonable.  Any comments? suggestions how to fix 
> this? Should I file a bug report? 
-- 
Daniel van Eeden <daniel_e@dds.nl>

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to:

Follow-Ups:
- Re: possible samba security problem
  - From: Michael Stone <mstone@debian.org>

References:
- possible samba security problem
  - From: Thorsten Giese <t.giese@anw.de>

Prev by Date: Re: possible samba security problem
Next by Date: Re: auth log
Previous by thread: Re: possible samba security problem
Next by thread: Re: possible samba security problem
Index(es):
- Date
- Thread