The following is a wishlist bug I've received about the permissions of the home directory when it is created by smbldap-tools.
El Mon, May 16, 2005 at 05:15:28PM +0800, gary ng va escriure: > Package: smbldap-tools > Version: 0.8.7-4 > Severity: wishlist > > I am creating a linux server for windows users using samba and > smbldap-tools. Everything works fine but I would suggest to change the > default home directory creation mode to 0711 instead of 0700, or may be > some environment parameter. The reason is that this same home directory > is used for both Maildir and apache userdir. Since apache2 in debian run > as www-data instead of root, it cannot read the home directory if it is > set to 0700 but 0711 is fine. This may weaken the security a bit but > since it is only the 'directory access' mode and files created under it > is still 0700, it should not present too much of security risk. I have not had the need to change the user home DIR_MODE, but I agree that using a configuration variable for the default mode (and probably adding an option to the smbldap-useradd script to override it )could be a good addition to the tool, but I feel that it has to be done on the upstream version... what do you think? I have no time to provide a patch right now, but it should be quite easy to do, if the developers want one I can send one in some days (don't know when, I'm quite busy now). Greetings, Sergio. -- Sergio Talens-Oliag <[EMAIL PROTECTED]> <http://people.debian.org/~sto/> Key fingerprint = 29DF 544F 1BD9 548C 8F15 86EF 6770 052B B8C1 FA69
signature.asc
Description: Digital signature