search for: untrusting

hi: at RHEL 7.4 we had used "map untrusted to domain = yes". so users can login with "username" instead of "sam-dom\username". after upgrade to RHEL 7.5, samba version upgrade from 4.6 to 4.7. now "map untrusted to domain = yes" or "map untrusted to domain = auto" are not working. can we still let user to use "usename" instead

Hi I have a question/problem about winbind and the "map untrusted to domain" (=yes) parameter. I use samba 3.6.0 on FreeBSD 8.2 with the following configuration: [global] encrypt passwords = yes map untrusted to domain = yes allow trusted domains = yes client ntlmv2 auth = yes client use spnego = yes client lanman auth = yes client plaintext auth = no winbind enum

This change allows use of untrusted X11 forwarding (which is more secure) without requiring users to choose a finite timeout after which to refuse new connections. This matches the semantics of the X11 security extension itself, which also treat a validity timeout of 0 on an authentication cookie as indefinite. Signed-off-by: Trixie Able <table at inventati.org> --- clientloop.c | 12

2018-06-29 15:12 GMT+08:00 Rowland Penny via samba <samba at lists.samba.org>: > On Fri, 29 Jun 2018 12:56:33 +0800 > d tbsky via samba <samba at lists.samba.org> wrote: > >> hi: >> >> at RHEL 7.4 we had used "map untrusted to domain = yes". so users >> can login with "username" instead of "sam-dom\username". >>

For awhile, at least a week and probably more, aptitude has been complaining that R packages are untrusted. I'm using the amd64 architecture. The packages are r-cran-{cluster,mass,zoo,matrix,digest}. There have been a couple of recent threads that seem related, but I'm having trouble interpreting them or their relevance. i386 is apparently unsigned, but I'm on amd64. There is some

http://bugzilla.mindrot.org/show_bug.cgi?id=111 Summary: sshd syslogs raw untrusted data Product: Portable OpenSSH Version: -current Platform: UltraSparc OS/Version: Solaris Status: NEW Severity: normal Priority: P2 Component: sshd AssignedTo: openssh-unix-dev at mindrot.org ReportedBy:

In bash, given a string assignment as follows, how do I "add slashes" automagically, so that it can be safely passed to another program? Notice that the assignment contains spaces, single-quotes and double-quotes, maybe god-only-knows-what-else. It's untrusted data. Yet I need to pass it all *safely*. The appropriate function in PHP is addslashes(); but what is the bash

$ ssh -v OpenSSH_5.1, OpenSSL 0.9.8j 07 Jan 2009 $ ssh -vvv -X example.com [ Relevant debug info: ] debug1: Remote protocol version 2.0, remote software version OpenSSH_5.1 [OpenSSH_5.1, OpenSSL 0.9.7j 04 May 2006] debug2: x11_get_proto: /usr/X11R6/bin/xauth -f /tmp/ssh-TLLOFKxvay/xauthfile generate :0.0 MIT-MAGIC-COOKIE-1 untrusted timeout 1200 2>/dev/null Warning: untrusted X11 forwarding

On Wed, Apr 29, 2020 at 03:39:53PM +0530, Srivatsa Vaddagiri wrote: > That would still not work I think where swiotlb is used for pass-thr devices > (when private memory is fine) as well as virtio devices (when shared memory is > required). So that is a separate question. When there are multiple untrusted devices, at the moment it looks like a single bounce buffer is used. Which to me

On Wed, Apr 29, 2020 at 03:39:53PM +0530, Srivatsa Vaddagiri wrote: > That would still not work I think where swiotlb is used for pass-thr devices > (when private memory is fine) as well as virtio devices (when shared memory is > required). So that is a separate question. When there are multiple untrusted devices, at the moment it looks like a single bounce buffer is used. Which to me

On 4/24/20 2:27 PM, Tom Lendacky wrote: > On 4/24/20 4:24 PM, Dave Hansen wrote: >> On 4/24/20 2:03 PM, Mike Stunes wrote: >>> I needed to allow RDTSC(P) from userspace and in early boot in order to >>> get userspace started properly. Patch below. >>> >>> --- >>> SEV-ES guests will need to execute rdtsc and rdtscp from userspace and

On 4/24/20 2:27 PM, Tom Lendacky wrote: > On 4/24/20 4:24 PM, Dave Hansen wrote: >> On 4/24/20 2:03 PM, Mike Stunes wrote: >>> I needed to allow RDTSC(P) from userspace and in early boot in order to >>> get userspace started properly. Patch below. >>> >>> --- >>> SEV-ES guests will need to execute rdtsc and rdtscp from userspace and

On 04/06/2020 13:49, Harald Hannelius via samba wrote: > > > We have a windows domain "AD" and a samba domain "SAD" running Samba > 4.9 in AD-mode. > > We also have an old NT4 domain called "Samba" running Samba 3.6 + > OpenLDAP. > > We have the same users and passwords in all three. The user objects in > the "SAD"-domain

http://bugzilla.mindrot.org/show_bug.cgi?id=849 Summary: Document or fix untrusted X11 authority timeout Product: Portable OpenSSH Version: 3.8.1p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: ssh AssignedTo: openssh-bugs at mindrot.org ReportedBy:

How can I get ssh to use "untrusted" cookies (see xauth(1), X11-SECURITY-Extension) with forwarded X clients? Cheers. Aurelio.

We have a file server, solaris 2.8 running SAMBA 2.2.8, that has two netbios names and we have an include file for smb.conf for each. We have some machines that are trusted and some that are not. Trusted means standardized windows install, users don't have root, untrusted means not necessarily standard install, users do have root. The trusted machines are defined in an NIS netgroup.

Hello everyone, Samba 3.6.9 on CentOS 6.4. With "security = ads", winbind doesn't authenticate requests that prepend a not-existent domain to the username. Users that have logged into the domain authenticate transparently to squid with NTLM (format is domain\username), but not users that are logged in locally or into another domain with the same username and password (format is

Hi All, We've been beating our heads against a problem here with a new Samba server that we're trying to bring into production, and I'm hoping that the members of this list can provide some insight. Our server is on a Linux CentOS 7.6, Samba version 4.8.3 installed from distribution packages. Our clients are a mixture of Windows, Mac, and Linux systems. Most of these clients are

----- Original Message ----- > From: "samba" <samba at lists.samba.org> > To: "samba" <samba at lists.samba.org> > Sent: Tuesday, July 17, 2018 2:29:59 PM > Subject: Re: [Samba] Cannot authenticate as guest to domain-joined Samba 4.7.0 fileserver when map untrusted to domain = > auto > On Tue, 17 Jul 2018 13:53:41 -0500 (CDT) > Andrew Martin

http://bugzilla.mindrot.org/show_bug.cgi?id=803 Summary: Security Bug: X11 Forwarding is more powerful than it needs to be. Product: Portable OpenSSH Version: -current Platform: All OS/Version: All Status: NEW Severity: major Priority: P2 Component: ssh AssignedTo: openssh-bugs