Security concerns (Samba)
Verfasst: 06 Mär 2015, 09:12
Hello,
Please tell me if I get it wrong.
opsi_depot_rw, opsi_images, opsi_config and opsi_workbench shares are writable for pcpatch user. So if a PC user (this can be virus or trojan) catches pcpatch password while opsi-client-agent communicates with Samba server then the whole infrastructure is in danger? It seems pcpatch should only be able to write some logs but nothing more. Am I missing something?
Best regards,
Stanislav
Please tell me if I get it wrong.
opsi_depot_rw, opsi_images, opsi_config and opsi_workbench shares are writable for pcpatch user. So if a PC user (this can be virus or trojan) catches pcpatch password while opsi-client-agent communicates with Samba server then the whole infrastructure is in danger? It seems pcpatch should only be able to write some logs but nothing more. Am I missing something?
Best regards,
Stanislav