Displaying 20 results from an estimated 10000 matches similar to: "standalone server - force connections from windows group to be a specific unix user (UID)"
2002 Mar 07
0
[Bug 136] New: setgid() deemed to fail for non-suid ssh client on linux if using other than primary group
http://bugzilla.mindrot.org/show_bug.cgi?id=136
Summary: setgid() deemed to fail for non-suid ssh client on linux
if using other than primary group
Product: Portable OpenSSH
Version: 3.0.2p1
Platform: ix86
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
2002 Mar 12
2
Patch: --drop-suid Remove suid/sgid from target files
The attached patch adds an option --drop-suid which caused rsync to drop
setuid/setgid permissions from the destination files.
ie, even if the source file is setuid, the target file will not be.
Added as we want to rsync the same files to machines both inside and outside
our firewalls. For machines inside the firewall some files should be suid,
for machines outside the firewalls they should
2002 Jul 03
2
--{enable/disable}-suid-ssh removed, rhosts auth gone when UID != 0
Hi,
According to ChangeLog someone "(bal)" removed -{enable/disable}-suid-ssh
from configure (dating from 2002/06/07). Don't know the reason, probably
this has something to do with PrivilegeSeparation.
Consequence is: Users with UID != 0 are no longer able to allocate
privileged ports, sshd answers "Rhosts Authentication disabled,
originating port will not be
2002 Jun 11
3
Possible UID/GID bug in chrooted shells?
I'm stuck on a problem with rsync...
We've got a chrooted shell with rsync and all the needed libs inside (and not
much else).
We're using rsync over ssh to send the files into this chrooted session. The
rsync binary in the chrooted session is SUID root so that it can create the
files with the correct UID/GID. When the following is run, it creates all the
files as root.staff, not
2000 Jun 06
0
[CSSA-2000-015-0] Caldera Security Advisory: KDE suid root applications
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
______________________________________________________________________________
Caldera Systems, Inc. Security Advisory
Subject: kdelibs vulnerability for setuid KDE applications
Advisory number: CSSA-2000-015.0
Issue date: 2000 June, 02
Cross reference:
______________________________________________________________________________
1.
2004 Jan 08
0
adding Windows Domain users to a unix group
Hi All,
Just joined the list. The postings are very helpful
for me to implementing samba for my work place.
I am running samba 3.0.1 or RED HAT 9.0.
Does anybody know how to add Windows domain users to a
linux usergroup? My PDC is running Windows 2000. I do
not have permissions to create groups on the Windows
PDC. Windbind is working fine on the Redhat machine. I
can map to the linux samba
2008 Apr 09
0
"set owner" option for rsync client
I have the following configuration:
Server side:
rsync daemon running as suid root, use chroot set to false.
Client side:
rsync client setuid root (so that it can write over other suid root owned
files).
When doing a :: based rsync to the server, I'd like to have the client be
able to create/update files as the owner I pass on the command line. Since
it has to be setuid root, and I
2010 Jan 22
0
force all connections that come from a windows group to be a specific user and problems with net groupmap add
Does anyone know of a simple (share) mechanism that doesn't require setting
up a complex ldap, winbind, pdc, etc samba configuration
that will allow users connecting to a samba share to always be forced to be
a specific unix UID? The idea is to have
the linux data owned by a particular linux user, and be able to control
write access to that data by adding any arbitrary
windows user to a
2002 Nov 25
0
Linux and Samba Code
Here is an executable that would allow a user to change the linux and
SMB passwords simultaneously.
The website indicated in the comments had some problems in the code, but
they are fixed in the cpasswd.c file which is below and also attached.
Hope that this helps others. The code is a fix, not a solution. it only
works from the command prompt, but it helps with keeping linyx and Samba
2001 Mar 07
2
smbmount - file permissions on RH7
Greetings in Christ our Saviour.
I am having an enormous amount of difficulties trying to do something that
should be quite easy. Obviously, I am missing something. I have read
everything I can find on this, and have tried everything I can think of and
more...
I am trying to mount a Win98 drive on my Redhat 7.0 box. The mounting is no
problem. However, when I log into my user account and try
2001 Apr 05
0
HP-UX 9 problems (hangs on logout; tty isn't sane)
I'm trying to get OpenSSH 2.5.2p2 to run on HP-UX 9.05. I've had some
decent results, but I'm also seeing some problems.
I'm using the EGD (I configured with --with-prngd-socket=/tmp/entropy).
* Compiling required some changes, which I've attached. Two of the
changes are "hackish", and not at all suited to inclusion in the
source tree, but they might point
2015 Mar 23
0
UID and GID mapping throw DC and Member DC
On 23/03/15 19:15, Jhon P wrote:
> What do you mean with different winbinds?
On the DC, winbind is built into the samba daemon, you do not run a
separate winbind daemon. On a member server you run the nmbd & smbd
daemons along with a separate winbind daemon.
>
> I can destroy the member server, its on testing.
> It is for the version of windbind?
>
> I can get this from
1997 Sep 16
0
Re: Re: Security Concern..
In message <199709161652.MAA31468@ding.mailhub.com>, "Alexander O. Yuriev" writ
es:
>
> [Mod: This message is a reason *why* linux-security is moderated list. This
> is also a reason why Rogier, myself, Alan Cox and others really do not want
> to have completely open lists that deal with security related aspects of
> running a system as way too many people just jump
2000 Oct 02
0
(from BugTraq) openssh2.2.p1 - Re: scp file transfer hole
X-PMC-CI-e-mail-id: 13726
Hi,
I have been a successful user of Openssh for some time.
I am attaching two articles from BugTraq.
Hopefully, they show exactly the security problems
reported in the BugTraq mailing list.
[Pity that no one seemed to have bothered to contact the
mailing list(s) for openssh development.]
I am not sure what the right fixes would be.
But at least, people need to be
2015 Mar 23
2
UID and GID mapping throw DC and Member DC
What do you mean with different winbinds?
I can destroy the member server, its on testing.
It is for the version of windbind?
I can get this from DC.
But I can not do the same with DC.
"Tonight 2X1 sledgehammers." :-) XD
> Date: Mon, 23 Mar 2015 18:43:21 +0000
> From: rowlandpenny at googlemail.com
> To: samba at lists.samba.org
> Subject: Re: [Samba] UID and GID
2008 Feb 02
1
Unix Users can't connect to Samba with AD / ADS configuration
Hi,
I'm newbie starting with Samba, so I can ask stupid questions :-)
I've a Samba Server (3.023c).
I have a Win2K Domain.
I need to put the Samba server on the WIN2K Domain, and give access to AD
users.
Bit I also need that my Unix users have access to the Samba server.
And I can't create AD accounts to Unix users.
I have shared directories like that :
- project (only for auth
2001 Jun 19
1
FW: poor permissions on ssh binary
-----Original Message-----
From: Loomis, Rip
Sent: Tuesday, 19 June, 2001 09:10
To: 'geoff at raye.com'
Subject: RE: poor permissions on ssh binary
Geoff--
You stated that you consider it "a poor choice
of permissions" to install the ssh binary as
mode 0711. Since it will run perfectly with
even more restrictive permissions (we typically
install it mode 0511 here), what is
2003 Nov 02
0
Windbind requirements and settings
I posted this to comp.protocols.smb, but I'll give it a shot here too...
Background :
We have an existing Win2k domain, 2 Win2k domain controllers, all
working just fine. I've been using Samba 2.2.x for quite a while to
provide access to specific folders on *nix machines using Domain
security...So I'm reasonably familiar with how file/print sharing works.
But what I'm
1997 Oct 20
1
LPRng security
Hi all,
I just looked into LPRng to see to what extent it is affected by the
problems recently reported for the BSD lpd. It seems that it is fairly
safe from those mentioned in the SNI advisory.
> Problem 1: File creation
>
> Individuals with access to the line printer daemon from a privileged
> port on a valid print client can tell lpd to create a file, providing
> the name of
2008 May 22
2
auth_socket_path permissiones
Hello,
I'm using dovecot 1.0 under debian etch.
The lda socket path is set to:
auth_socket_path = /var/spool/postfix/private/auth
But this gives me the error:
net_connect(/var/spool/postfix/private/auth) failed: Permission denied
I suppose deliver is run as dovecot user.
I read about running deliver as root with the suid bit set. I'm not quite sure
if this is a good solution. Is there