-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dwight Tovey wrote:
> I tested it. I tried several permutations, using "invalid > users" and "valid users" in both the [global] and > [homes] sections. With the "invalid users" line > that you had (in either section), once I login as a > Domain Admin I can then get at all these system > account directories. Hmmm...ok. Must have gotten broken then. Thanks for letting me know. > Well, "wide open" may have been a bit strong. Definately > more open than I would like. They may not be able to read > my /etc/shadow file, but they can browse around areas > where I don't want them, especially since I don't > allow shell access to the system. Yeah. I understand. Kind of like allowing symlinks in Apache and someone linking to / from the the DocumentRoot. cheers, jerry -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2 (MingW32) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFDurx1IR7qMdg1EfYRAhs1AJsFYbzeilBHvvmuLePmPSAs3e2rBgCeOzdZ 24tB//vymrADa/0tz0Vn6sI= =yUqy -----END PGP SIGNATURE----- -- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
