On Fri, 28 Jan 2005 20:43:30 +0100, Nils Juergens wrote: >On Fri, 28.01.05, Thorsten Giese <[EMAIL PROTECTED]> wrote: > >I think it is considered good practice not to have users on important >systems in the first place, so maybe you should be thinking about how to get >your users off of your server.
Disagree disagree disagree .. Leaving aside personal workstations, and resource-server-type systems, there's a huge category of systems that will potentially (and quite normally) have unprivileged users (that's what computing services are all about). In the corporate world anyway. And good practice in such circumstances dictates that we only allow ordinary users to see what they need to see. The best solution to this issue would be to have smbstatus enhanced to only show status information relating to the calling (unprivileged) user. But in lieu of that (a task for the Samba team) I think it should be okay to simply change the permissions on /var/run/samba/locking.tdb so only root can access it. There's no real need for ordinary users to use smbstatus anyway. IMHO. Nick Boyce Bristol, UK -- Expert, n.: Someone who comes from out of town and shows slides -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
