search for: trust_account

...exist in the system's /etc/passwd file. I was relativly pleased to learn that it does, but only does so by virtue of core dumping when you try to do it. Here's why: (Source code is from samba 2.0.3 downloaded yesterday) Note that at swat.c:635, we are calling local_password_change with trust_account = False. Then, inside local_password_change (which in the case that is core dumping is being called by clicking 'add user' with a username not in /etc/passwd) you check to see if the user exists; but only if trust_account is true. I guess this is fine; I don't know enough about the pr...

...exist in the system's /etc/passwd file. I was relativly pleased to learn that it does, but only does so by virtue of core dumping when you try to do it. Here's why: (Source code is from samba 2.0.3 downloaded yesterday) Note that at swat.c:635, we are calling local_password_change with trust_account = False. Then, inside local_password_change (which in the case that is core dumping is being called by clicking 'add user' with a username not in /etc/passwd) you check to see if the user exists; but only if trust_account is true. I guess this is fine; I don't know enough about the pr...

...that you have provided a default smb.conf file for redhat 6.1 that puts samba private configuration files in /etc. the suggested options, for example show "smbpasswd file = /etc/smbpasswd". this is REALLY bad. 1) you CANNOT put smbpasswd in /etc. 2) you CANNOT put private files DOMAIN.TRUST_ACCOUNT.mac in /etc. i know that these require root access, however if your users start to assume that just because these files are in /etc, they are equivalent to /etc/passwd, they may decide to make these world-readable, and as a result they will compromise the security of the box, and potentially the s...