On Mon, Mar 20, 2006 at 08:54:22AM +0100, Roland Schwarz wrote: > Consequently if someone is having root access on any single workstation, > he can modify the mapping at will to get root access to the entire > domain. The only remedy I can see is to disallow root access on all > workstations (which is a very undesirable fact).
But right now the only possibility. > Are I am missing something, or is there a different setup possible to > omit this security loophole? No, you are right. In Samba trunk we have started working on the unixinfo RPC pipe that eventually will fix this. But it's not finished yet. Volker
pgp3Ow93F0RAa.pgp
Description: PGP signature
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba
