On Sat, 29 Jan 2005 14:50:03 +0100, Ruben van der Leij wrote:
>+++ Nick Boyce [29/01/05 02:56 +]:
>
>> I think it
>> should be okay to simply change the permissions on
>> /var/run/samba/locking.tdb so only root can access it. There's no
>> real need for ordinary users to use smbstatus anyway.
+++ Nick Boyce [29/01/05 02:56 +]:
> I think it
> should be okay to simply change the permissions on
> /var/run/samba/locking.tdb so only root can access it. There's no
> real need for ordinary users to use smbstatus anyway. IMHO.
Have you actually *tried* that 'solution'? Perhaps smbstatus
On Fri, 28 Jan 2005 20:43:30 +0100, Nils Juergens wrote:
>On Fri, 28.01.05, Thorsten Giese <[EMAIL PROTECTED]> wrote:
>
>I think it is considered good practice not to have users on important
>systems in the first place, so maybe you should be thinking about how to get
>your users off of your serve
On Fri, 28.01.05, Thorsten Giese <[EMAIL PROTECTED]> wrote:
> Michael, I see now, what you meant in your first post: hadn't looked at those
> files so far. But the situation is not very satisfactory for me. I think some
> things should not be seen by the user, and filenames are definitiv a probl
Am Donnerstag, 27. Januar 2005 21:06 schrieb Michael Stone:
> /var/run/samba/locking.tdb
There is plenty of information regarding filenames in this specific file, and
there are of course many other files ;). I wonder if it would do any harm do
samba, if that was not readable by others, if the d
On Thu, Jan 27, 2005 at 05:11:51PM +0100, Daniel van Eeden wrote:
Use setfacl to set/remove rights to smbstatus.
Example:
chmod 700 /usr/bin/smbstatus
setfacl -m u:adminuser:r-x /usr/bin/smbstatus
setfacl -m u:baduser:--- /usr/bin/smbstatus
Use groups instead of users when posible.
setfacl is part
Use setfacl to set/remove rights to smbstatus.
Example:
chmod 700 /usr/bin/smbstatus
setfacl -m u:adminuser:r-x /usr/bin/smbstatus
setfacl -m u:baduser:--- /usr/bin/smbstatus
Use groups instead of users when posible.
setfacl is part of the acl package.
On Thu, 2005-01-27 at 15:28 +0100, Thorsten
Am Donnerstag, 27. Januar 2005 15:56 schrieb Michael Stone:
> >I just discovered, that smbstatus can be run by a normal user. It gives
> >sensible Information about usernames and pathes to files (locked files). I
> > do not find this behaviour reasonable. Any comments? suggestions how to
> > fix
On Thu, Jan 27, 2005 at 03:28:49PM +0100, Thorsten Giese wrote:
I just discovered, that smbstatus can be run by a normal user. It gives
sensible Information about usernames and pathes to files (locked files). I do
not find this behaviour reasonable. Any comments? suggestions how to fix
this? Sh
Hello there.
I just discovered, that smbstatus can be run by a normal user. It gives
sensible Information about usernames and pathes to files (locked files). I do
not find this behaviour reasonable. Any comments? suggestions how to fix
this? Should I file a bug report?
--
Viele Grüße
Thors
10 matches
Mail list logo