
List:       best-of-security
Subject:    samba security
From:       Julian Assange <proff () suburbia ! net>
Date:       1995-08-12 0:14:07

Date:          Fri, 11 Aug 1995 09:04:55 +0100
From: "Stephen C. Steel" <steve@qv3pluto.LeidenUniv.nl>
To: samba@anu.edu.au
Cc: carolo@luna.gui.uva.es
Subject: Re: security hole? (Samba Digest 643)
Message-ID: <199508110804.SAA16811@anugpo.anu.edu.au>

In Samba Digest 643
Carlos Sanjuan Anton <carolo@luna.gui.uva.es> wrote:

> I have Samba 1.9.13 installed on my Linux 1.3.15 system with this
> smb.conf:
>
> [global]
>     print command = /usr/bin/lpr  %s ; rm %s
>     printing = bsd
>     workgroup = GUI
>     lpq command = /usr/bin/lpq
>     printer name  = sumi
>     printcap name = /etc/printcap
>     hosts allow = cacharro.gui.uva.es, krater.gui.uva.es, luna.gui.uva.es
>     status = yes
>     lock directory = /var/locks/
>     security = user
>
> [homes]
>    comment = Home Directories
>    browseable = no
>    read only = no
>    create mode = 0750
>    invalid users = root
>
>
> and any user of the server can mount the root home directory,
> like this:
>
> smbclient \\\\luna\\root
>
> from luna.gui.uva.es ( Linux ), and also from cacharro.gui.uva.es and
> krater.gui.uva.es ( they are Windows 3.11 ). You just simply type the user's
> password (not root's) and you have read access to the root directory.
>
> Is this normal, is it a bug or is it my fault?

Yes, it is normal.  The [homes] directive means export all the home
directories listed in /etc/passwd. Each of these shares will have
the properties listed in the [homes] section: in particular, you
will not be allowed to log on as root for any of them. This doesn't
stop them logging on to root's home dir as someone else (with the
corresponding permissions). It is not a real security hole, as it
doesn't grant any more access than a user could obtain by logging on
to the server directly with their user ID.

If you want to prevent this behaviour, you'll need to make the
default directory for user root something other than "/". Putting it
in the same tree as the other users, but with tight permissions, is a
good choice if the users' home dirs are not on a separate disk.
Otherwise just "mkdir homedir-root" and copy all root's ".*" files
there, and change /etc/passwd to reflect this. Make sure the home dir
of the super user is in the "/" filesystem, so that it is always
available, even if the other filesystems are not mounted. (That's why
root's home dir is not usually with the other home dirs, since
they are often on a separate file system.)

==========================================================
Stephen C. Steel                   Kamerlingh Onnes Lab.
<steve@qv3donald.LeidenUniv.nl>    Postbus 9506
Tel: (+31) 71-275445               2300 RA Leiden
Fax: (+31) 71-275404               The Netherlands
==========================================================
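The point of the reply is that [homes] turns every /etc/passwd entry into a share named after the user, that `invalid users = root` only stops someone logging on *as* root, and that root's home of "/" is what makes the `root` share interesting. The audit script below is an added example, not code from the thread or from Samba: it parses a constructed smb.conf and passwd file (both embedded, not the poster's real files), lists the shares a [homes] section would create, and flags any whose path is "/" or contains other users' homes, which is exactly the condition the reply says to fix by moving root's home directory. The parsing, field names and severity labels are this example's own conventions.

```python
"""Audit which directories a Samba [homes] section would expose.

Added example (not from the mailing-list thread or the Samba project).
Assumes, as the reply describes, that every account in /etc/passwd gets a
[homes] share named after it and that any non-denied user may connect to
any of those shares with their own Unix permissions.
"""
import posixpath

# Constructed sample configuration, modelled on the thread but not the
# poster's actual files.
SAMPLE_SMB_CONF = """
[global]
    workgroup = GUI
    security = user

[homes]
    comment = Home Directories
    browseable = no
    read only = no
    invalid users = root
"""

# Constructed passwd lines: root's home is "/", the situation in the thread.
SAMPLE_PASSWD = """\
root:x:0:0:root:/:/bin/sh
bin:x:1:1:bin:/bin:/sbin/nologin
alice:x:1000:1000:Alice:/home/alice:/bin/bash
bob:x:1001:1001:Bob:/home/bob:/bin/bash
"""

# Same accounts after applying the reply's fix (root moved to /root).
FIXED_PASSWD = SAMPLE_PASSWD.replace("root:/:/bin/sh", "root:/root:/bin/sh")


def parse_smb_conf(text):
    """Minimal smb.conf parser -> {section: {key: value}}.

    Keys are lowercased and whitespace-trimmed. Indented lines are ordinary
    'key = value' lines, not continuations (configparser would mis-read the
    indented style used in the thread, so a hand parser is used instead).
    """
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue
        if line.startswith("[") and line.endswith("]"):
            current = line[1:-1].strip().lower()
            sections.setdefault(current, {})
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        sections[current][key.strip().lower()] = value.strip()
    return sections


def name_list(value):
    """Split a Samba name list such as 'root, daemon' or 'root daemon'."""
    return {n for n in value.replace(",", " ").split() if n}


def parse_passwd(text):
    """Return {username: home directory} from passwd-format lines."""
    homes = {}
    for line in text.splitlines():
        fields = line.split(":")
        if len(fields) >= 7 and fields[0]:
            homes[fields[0]] = fields[5]
    return homes


def homes_exposure(smb_conf_text, passwd_text):
    """List every share a [homes] section would create and rate its exposure.

    severity: 'high' if the share path is '/', 'medium' if it contains other
    users' home directories, otherwise 'low'.
    """
    conf = parse_smb_conf(smb_conf_text)
    if "homes" not in conf:
        return []
    # 'invalid users' in [global] is a default for every share; [homes] adds to it.
    denied = name_list(conf.get("global", {}).get("invalid users", ""))
    denied |= name_list(conf["homes"].get("invalid users", ""))
    homes = parse_passwd(passwd_text)
    findings = []
    for user, home in homes.items():
        if not home:
            continue
        norm = posixpath.normpath(home)
        prefix = norm.rstrip("/") + "/"          # "/" -> "/", "/home/a" -> "/home/a/"
        contained = sorted(
            other for other, h in homes.items()
            if other != user and h and posixpath.normpath(h).startswith(prefix)
        )
        findings.append({
            "share": user,                        # \\server\<user>
            "path": norm,
            "login_as_owner_allowed": user not in denied,
            "contains_other_homes": contained,
            "severity": "high" if norm == "/" else ("medium" if contained else "low"),
        })
    return findings


def audit(passwd_text=SAMPLE_PASSWD, smb_conf_text=SAMPLE_SMB_CONF):
    """Convenience wrapper: findings keyed by share name."""
    return {f["share"]: f for f in homes_exposure(smb_conf_text, passwd_text)}


if __name__ == "__main__":
    for share, f in audit().items():
        print(f"{share:8s} {f['path']:12s} {f['severity']:6s} contains={f['contains_other_homes']}")
```

Run against the sample, the `root` share is rated high and is shown to contain every other account's home, while `invalid users = root` only reports that root itself cannot log on; after the passwd fix the same share drops to low. On a real host, point `audit()` at the contents of /etc/passwd and the live smb.conf.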

