security issues
Verfasst: 30 Okt 2008, 15:48
hi,
one obvious thing that I have noticed...
files inside the depot on the shares (i.e. opt_pcbin\*\*) should not be writable
they should be denied either by smb.conf directive (easier) or by FS privileges on the opsi host (harder, because everytime you modify the script you would have to change the privileges and besides, reinstallation of the packages will not be possible).
so my advice is to set readonly = yes in smb.conf instead of writeable = yes
one obvious thing that I have noticed...
files inside the depot on the shares (i.e. opt_pcbin\*\*) should not be writable
they should be denied either by smb.conf directive (easier) or by FS privileges on the opsi host (harder, because everytime you modify the script you would have to change the privileges and besides, reinstallation of the packages will not be possible).
so my advice is to set readonly = yes in smb.conf instead of writeable = yes