At 04:35 PM 2/25/2001, you wrote:
>I guess what I was asking was that if one allowed write-permission via
>samba, on a [COMPLETE] linux filesystem, and this was compromised on a
>windows client, wouldn't that [COMPLETELY] compromise the linux box?
Accordingly.....that sysop should post his root password as well!!!
I only allow global / write access to root and sudoers are severly
limited and Samba shares tight. In other words, you only have
/ write access from a console login. Period. I've corrupted filesystems
a few times remotely and thus learned by "trial of fire".
You *can* play with passwords, netlogin and other goodies to protect
various shares, probably, but not guaranteeing, a chance at bypassing
BO security holes.
Look at the Samba security faq...I'm sure either there or on the groups
there's already an answer and/or "fix" for BO/Samba security issues.
jk
-----------------------------
James S. Kaplan KG7FU
Eugene Oregon USA
[EMAIL PROTECTED]
http://www.rio.com/~kg7fu
ICQ # 1227639
Have YOU tried Linux today?
-----------------------------
