Date: Thu, 28 Nov 2002 00:20:37 +0200
From: Giorgos Keramidas <keramida@ceid.upatras.gr>
To: Terry Lambert <tlambert2@mindspring.com>
Cc: "David W. Chapman Jr." <dwcjr@inethouston.net>, current@FreeBSD.ORG
Subject: Re: pw_user.c change for samba
Message-ID: <20021127222037.GA13085@gothmog.gr>
In-Reply-To: <3DE5315A.FC6D59B@mindspring.com>
References: <20021127192126.GA31706@leviathan.inethouston.net>
    <3DE52B70.44402B98@mindspring.com>
    <20021127203401.GA35573@leviathan.inethouston.net>
    <3DE5315A.FC6D59B@mindspring.com>
On 2002-11-27 12:55, Terry Lambert <tlambert2@mindspring.com> wrote:
> It seems to me that another alternative is that all these
> names end in '$'; therefore, when you are expecting one of
> these names, you could imply a '$', without needing to actually
> have it in the password file -- in other words, it's an
> attribute, not really part of the account name.
>
> Will this open up a security hole for a normal user account
> being used to compromise the domain system security?

Probably 'yes'. I haven't tried this, but I guess one could name his
machine "Administrator". When that username is passed around, is it
clear that it is a machine name and not a user name?

I guess that if this way someone just might trick a remote SMB server
that his username is 'Administrator' by changing his local machine's
name, we have a problem...