Quoting Daniel Fernández ([EMAIL PROTECTED]): > Well, at least we have the filesystem privileges to protect the > sensitive data. But I dont like this bug, anyway.
So don't we. I think it's probably time to apply one of the patches used in Ubuntu: --- smb.conf~ 2007-01-31 06:01:20.973216065 +0100 +++ smb.conf 2007-02-11 10:48:13.463426021 +0100 @@ -223,6 +223,11 @@ # create dirs. with group=rw permissions, set next parameter to 0775. directory mask = 0700 +# Restrict access to home directories +# to the one of the authenticated user +# This might need tweaking when using external authentication schemes + valid users = %S + # Un-comment the following and create the netlogon directory for Domain Logons # (you need to configure Samba to act as a domain controller too.) ;[netlogon] With this, at least the default setup will not expose such valid system users home directories to others.
signature.asc
Description: Digital signature