Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa

To: 718865@bugs.debian.org
Subject: Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa
From: Arne Sørli <arne.sorli@kongsberg.frisurf.no>
Date: Mon, 12 Aug 2013 07:09:34 +0200
Message-id: <[🔎] 201308120709.34809.arne.sorli@kongsberg.frisurf.no>
Reply-to: Arne Sørli <arne.sorli@kongsberg.frisurf.no>, 718865@bugs.debian.org

[Petter Reinholdtsen]
> I noticed a really scaring thing:
> Logged in as a student using a teacher's uid with the above command, I'm
> able to get/put/rename/delete files and dirs, cause I seem to get the
> smb shell under that uid. Something seems to be misconfigured.
> 
> Can someone try to reproduce this behaviour?

Yes, I got the same behaviour from XP SP3.

Could log in as a teacher only knowing the teacher uid (using no password) and 
could then delete files and so on. The same ting for browsing 
\\TJENER\<username> (not logged in).

--  
Arne Sørli

Reply to:

Follow-Ups:
- Re: Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa
  - From: Wolfgang Schweer <wschweer@arcor.de>

Prev by Date: Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa
Next by Date: Debian RT Ravel can’t access to wiki.d.o anymore
Previous by thread: Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa
Next by thread: Re: Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa
Index(es):
- Date
- Thread