Date: Tue, 27 Jun 2000 09:49:03 -0500 From: "Shawn Barnhart" <swb@grasslake.net> To: <freebsd-ports@freebsd.org> Subject: Samba's SWAT & authentication Message-ID: <007e01bfe046$d6b59460$b8209fc0@campbellmithun.com>
next in thread | raw e-mail | index | archive | help
What's the deal with SWAT authentication? I have a Freebsd 4-Stable box running SWAT from the Samba 2.0.7 port and I can log into SWAT as a regular user (ie, not root but has a smbpasswd entry) and make any changes I want to the smb.conf file -- which is 0644 root.wheel. I'm presuming this is because my inetd.conf entry for SWAT has it running as root as per the example. Is this how SWAT's _really_ supposed to work? Its a useful tool, but I'm terrified of any user with an account being able to mangle the conf file at will, create shares, etc. A [swat] section in the smb.cfg file would be excellent, or even a seperate swat.users file. Is there any way to control which users can and can't make changes to the server other than packet filtering the SWAT port? This is kind of awkward and inconvenient. If I'm missing something here, please let me know. -- swb@grasslake.net Hard work often pays off after time, but laziness always pays off now. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?007e01bfe046$d6b59460$b8209fc0>