Bug 54872
| Field | Value | Field | Value |
|---|---|---|---|
| Summary: | user can change root password with smbpasswd | | |
| Product: | [Retired] Red Hat Raw Hide | Reporter: | Martin Wilck <martin.wilck> |
| Component: | samba | Assignee: | Trond Eivind Glomsrød <teg> |
| Status: | CLOSED NOTABUG | QA Contact: | David Lawrence <dkl> |
| Severity: | medium | Docs Contact: | |
| Priority: | high | | |
| Version: | 1.0 | Keywords: | Security |
| Target Milestone: | --- | | |
| Target Release: | --- | | |
| Hardware: | i386 | | |
| OS: | Linux | | |
| Whiteboard: | | | |
| Fixed In Version: | | Doc Type: | Bug Fix |
| Doc Text: | | Story Points: | --- |
| Clone Of: | | Environment: | |
| Last Closed: | 2001-10-22 11:39:02 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | | Category: | --- |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | | | |
Description
Martin Wilck
2001-10-22 11:38:57 UTC
I can't reproduce this. Anyway, as the %u is there in the supplied configuration file there should be no reason to remove it. If you want to create a hole-filled configuration, it's certainly possible in many programs.

%u is _not_ in the default configuration. It is only present in a comment in smb.conf. It will therefore not be seen by users who (like me) use SWAT for samba administration. The samba default is "/bin/passwd", a program that doesn't even exist on RedHat distributions. Similarly, the "passwd chat" default will never work on any RedHat system. I wonder why RedHat doesn't change these defaults such that they fit their distribution, but that's a different issue.

The documentation (in the release in question) was also not explicit about "%u", and the option name "passwd program" does not suggest that one should put arguments in the value of that option. By no means did I intend to create a "hole-filled configuration". On the contrary, I am usually pretty concerned about security. And it was not the first time I configured a samba server, only the first time I felt the need to use "unix password sync". As I mentioned already, the problem is solved by samba 2.2.2. I just wanted to make you aware something like this could happen.

As I often mention, this is one of the major reasons I added 'pam password change' to Samba. It is much less prone to this kind of stuff-up. Also, 2.2.2 now doesn't allow a password change as root without %u.
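The misconfiguration discussed in this report is easy to audit for: `unix password sync = yes` combined with a `passwd program` value that carries no `%u`. The checker below is an added example, not code from the bug report or from the Samba project. The two `smb.conf` fragments (`WEAK_CONF`, `FIXED_CONF`) are constructed for the example, and `parse_global` and `check_passwd_program` are hypothetical helper names. It normalises parameter names the way Samba does (case-insensitive, internal whitespace ignored) and reports a finding only when password syncing is actually enabled.

```python
import re

# Constructed smb.conf fragments (not taken from the bug report).
# WEAK_CONF is the misconfiguration the report describes: "unix password sync"
# is on but "passwd program" carries no %u, so smbd (running as root) would
# invoke passwd with no user name and change root's password.
WEAK_CONF = """
[global]
   workgroup = EXAMPLE
   unix password sync = yes
   passwd program = /usr/bin/passwd
"""

# FIXED_CONF passes the Unix user name explicitly via %u.
FIXED_CONF = """
[global]
   workgroup = EXAMPLE
   unix password sync = yes
   passwd program = /usr/bin/passwd %u
"""


def parse_global(conf: str) -> dict:
    """Return the parameters of the [global] section.

    Samba matches parameter names case-insensitively and ignores whitespace
    inside them, so keys are normalised the same way ("passwd program" and
    "PasswdProgram" both become "passwdprogram").
    """
    section = None
    params = {}
    for raw in conf.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;":
            continue  # blank line or comment
        header = re.match(r"\[(.+)\]$", line)
        if header:
            section = header.group(1).strip().lower()
            continue
        if section != "global" or "=" not in line:
            continue
        key, _, value = line.partition("=")
        params[re.sub(r"\s+", "", key).lower()] = value.strip()
    return params


def check_passwd_program(conf: str) -> list:
    """Flag a 'passwd program' that omits %u while 'unix password sync' is on."""
    p = parse_global(conf)
    sync = p.get("unixpasswordsync", "no").lower() in ("yes", "true", "1")
    if not sync:
        return []  # passwd program is never invoked, nothing to flag
    prog = p.get("passwdprogram")
    if prog is None:
        return ["unix password sync is on but 'passwd program' is not set; "
                "verify the built-in default of the installed Samba passes %u"]
    if "%u" not in prog:
        return [f"passwd program '{prog}' has no %u: smbd runs it as root, "
                "so the password changed is root's, not the caller's"]
    return []


if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF)):
        print(name, check_passwd_program(conf) or "ok")
```

Run against a real file with `check_passwd_program(open("/etc/samba/smb.conf").read())`; an empty list means the option either passes `%u` or is never invoked. The check reads only `[global]`, where both options live, and deliberately says nothing about `passwd chat`, whose correctness depends on the distribution's `passwd` prompts rather than on a single token.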