[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#718865: Update and minimize /etc/samba/smbldap-machineadd-gosa

[Petter Reinholdtsen]
> I noticed a really scaring thing:
> Logged in as a student using a teacher's uid with the above command, I'm
> able to get/put/rename/delete files and dirs, cause I seem to get the
> smb shell under that uid. Something seems to be misconfigured.
> Can someone try to reproduce this behaviour?

Yes, I got the same behaviour from XP SP3.

Could log in as a teacher only knowing the teacher uid (using no password) and 
could then delete files and so on. The same ting for browsing 
\\TJENER\<username> (not logged in).

Arne Sørli

Reply to: