We're in the midst of setting up some XP workstations and came across a rather large security problem... Essentially, when bob logs into a workstation (samba acting as the PDC), then alice logs onto the workstation, alice can peruse bob's [homes] share. Anyone know how I would go about disabling this? I'm at a complete loss -- the only thing I could think of was the Cached Logon Credentials, but I didn't think it was applicable in this case.
On Thu, Aug 28, 2003 at 03:53:05PM -0400, Damian Gerow wrote:> We're in the midst of setting up some XP workstations and came across a > rather large security problem... > > Essentially, when bob logs into a workstation (samba acting as the PDC), > then alice logs onto the workstation, alice can peruse bob's [homes] share. > > Anyone know how I would go about disabling this? I'm at a complete loss -- > the only thing I could think of was the Cached Logon Credentials, but I > didn't think it was applicable in this case.Set the path to the homes share to include %U instead of using the default homes path. Jeremy.
Thus spake Jeremy Allison (jra@samba.org) [28/08/03 16:00]:> > Anyone know how I would go about disabling this? I'm at a complete loss -- > > the only thing I could think of was the Cached Logon Credentials, but I > > didn't think it was applicable in this case. > > Set the path to the homes share to include %U instead of using the > default homes path.Well. That was simple. Thanks.