[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Windows domain user in Linux



On Sat, May 5, 2012 at 5:07 PM, Camaleón <noelamac@gmail.com> wrote:
> On Sat, 05 May 2012 16:19:52 +0500, Muhammad Yousuf Khan wrote:
>
>> On Sat, May 5, 2012 at 1:50 AM, Camaleón <noelamac@gmail.com> wrote:
>
>>>> Thanks for the informative email, however administrator is me so thats
>>>> the reason i added that.
>>>
>>> Yes, but that's still dangerous. Why do you need to be in root's group?
>>>
>>>
>> Because, there are few folders stored on samba storage where me as a
>> administrator need to write files very often.
>
> Then you can adjust the share owner and permissions in a proper way.
>
>> so it seems easy to me that i have to just chmode 770 to the folder/file
>>  and things starts working accordingly.
>
> Easy, can be (I can't tell because I don't know the details of your samba/
> shares layout). Secure, not.

mostly share are like this.............

[Library]
        comment = Shared Directories
        path = /hdxxx/100xx/libxxx/
        read list = @all
        write list = nhasnain, admin
        read only = yes
        create mask = 0774
        directory mask = 0774

>
>> by the way , what kind of security consequences you are talking about?
>
> An impersonated user that can access/read/delete your system files.
>
>> note : i am using this only for samba share
>
> More reasons to avoid exposing your system security.

Thanks , i got your point ....... and i like it too. ill change the
right infrastructure accordingly.




>
> Greetings,
>
> --
> Camaleón
>
>
> --
> To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> Archive: jo355m$4gr$4@dough.gmane.org">http://lists.debian.org/jo355m$4gr$4@dough.gmane.org
>


Reply to: