[889] in linux-security and linux-alert archive


[linux-security] Re: You wouldn't believe it...

daemon@ATHENA.MIT.EDU (Jon Lewis)
Wed Jul 10 12:31:05 1996

Date: Wed, 10 Jul 1996 02:12:11 -0400 (EDT)
From: Jon Lewis <jlewis@inorganic5.fdt.net>
To: Samuel Lewis <slewis@CompLaw.com>
cc: Linux Servers mailing list <SERVER-LINUX@NETSPACE.ORG>,
        linux-security@tarsier.cv.nrao.edu
In-Reply-To: <2.2.32.19960709184718.00696b4c@CompLaw.com>

On Tue, 9 Jul 1996, Samuel Lewis wrote:

> BTW, I noticed some samba logs on [system name deleted].  Are you running
> samba on that system, or is it integrated into Red Hat 3.0.3?

This is something I meant to say something about...but kept forgetting.
There's this box I installed very nearly all of Red Hat 3.0.3 on to get a
feel for Red Hat and see just how much I'd hate it.  Maybe I just haven't
gotten to know it well enough...but I greatly prefer my hacked up
Slackware based boxes.  Anyway, one day a co-worker brings in his
notebook with PCMCIA ethernet, and asks me what's up with this Windows
server on our network.  "What Windows server?"  It was then that I found
that by default, Red Hat 3.0.3 set up Samba for me and ran it with /tmp
world rw.  I still don't know Samba, but I assume this is the section of
the config file responsible:

[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes

On a small box such as this one, where the root fs is _the_ fs, a world 
writable (no account needed) exported directory could be a very bad thing.

------------------------------------------------------------------
 Jon Lewis                      |  Mime attachments are OK
 jlewis@inorganic5.fdt.net      |  But please ask before sending 
 http://inorganic5.fdt.net      |  unsolicited huge files.
________Finger jlewis@inorganic5.fdt.net for PGP public key_______
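
An added example, not part of the original message or of any Red Hat or Samba tooling: a small audit that reads smb.conf text and reports shares a guest can both connect to and write to, which is the combination the [tmp] section above has. The function names are hypothetical, the synonym table follows the smb.conf documentation, and only "guest ok" and "read only" (with their synonyms and [global] defaults) are evaluated; settings such as write lists or guest mapping are not.

```python
# Added example: flag smb.conf shares that allow unauthenticated writes.
BOOL = {"yes": True, "true": True, "1": True, "no": False, "false": False, "0": False}
# Samba synonyms folded onto one canonical name; True marks an inverted meaning.
SYNONYMS = {"guestok": ("guestok", False), "public": ("guestok", False),
            "readonly": ("readonly", False), "writeable": ("readonly", True),
            "writable": ("readonly", True), "writeok": ("readonly", True)}

def parse_shares(text):
    """Return {section: {"path": str, "guestok": bool, "readonly": bool}} as set."""
    shares, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if line.startswith("[") and line.endswith("]"):
            current = shares.setdefault(line[1:-1].strip().lower(), {})
        elif current is not None and "=" in line and line[0] not in "#;":
            key, value = (part.strip() for part in line.split("=", 1))
            key = "".join(key.lower().split())  # names ignore case and spaces
            if key == "path":
                current["path"] = value
            elif key in SYNONYMS and value.lower() in BOOL:
                name, inverted = SYNONYMS[key]
                current[name] = BOOL[value.lower()] != inverted
    return shares

def guest_writable(text):
    """List (share, path) pairs where guests may connect and write."""
    shares = parse_shares(text)
    defaults = shares.pop("global", {})  # [global] supplies share defaults
    findings = []
    for name, opts in shares.items():
        guest = opts.get("guestok", defaults.get("guestok", False))
        read_only = opts.get("readonly", defaults.get("readonly", True))
        if guest and not read_only:
            findings.append((name, opts.get("path", "")))
    return findings

# [tmp] is the section quoted in the message; [scratch] is a constructed contrast.
SAMPLE = """\
[tmp]
   comment = Temporary file space
   path = /tmp
   read only = no
   public = yes
[scratch]
   path = /tmp
   writeable = yes
   guest ok = no
"""
if __name__ == "__main__":
    print(guest_writable(SAMPLE))
```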
