Re: Removing system users on purge [Re: Bits from the release team: the plans for etch]
Stephen Frost <email@example.com> wrote:
> * Frank K?ster (firstname.lastname@example.org) wrote:
>> Stephen Frost <email@example.com> wrote:
>> > Have we actually got a specific case of this happening and there being a
>> > real security threat from it?
>> When I ran a samba server years ago, I changed the default log file names
>> and, IIRC, location.
> Were they owned by the samba uid?
I don't know for sure, but I think yes.
> Were they terribly sensitive?
In some cases knowledge of filenames that one user uses would have been
very interesting for some other users.
> you ever actually uninstall samba? Was the samba uid reused?
Since I left that server to somebody else, I can only speculate:
Probably no, but I cannot exclude it (e.g. if there ever was a samba-ng
package or something like that, they might have tried it instead).
> Was there
> an actual compramise of the files by another daemon?
I assume that in this case I'd know.
> I'm looking for actual cases of this 'security hole' being exploited,
Sorry, I can't help you.
Inst. f. Biochemie der Univ. Zürich