Am Donnerstag, 27. Januar 2005 15:56 schrieb Michael Stone: > >I just discovered, that smbstatus can be run by a normal user. It gives > >sensible Information about usernames and pathes to files (locked files). I > > do not find this behaviour reasonable. Any comments? suggestions how to > > fix this? Should I file a bug report? > > It's neither a bug nor a problem. The same information is available via > other mechanisms.
I agree with you for the username-part. /etc/passwd is world-readable, also when I use LDAP without anonymous bind I could prevent that. But when there is a file like /srv/share/intern/dismissal_johndoe.sxw no one but the users in the group intern should be allowed (directory permissions set correctly) to see that file. I also can't think of any other way for getting that information. -- Viele Gr��e Thorsten Giese ANW GmbH & Co. KG Prager Ring 4-12 66482 Zweibr�cken Telefon 06332/79-1830 Telefax 06332/79-1834 mailto:[EMAIL PROTECTED] http://www.anw.de -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
