The Samba-Bugzilla – Bug 3119
pdb_mysql / pdb_pgsql security concerns
Last modified: 2006-02-10 08:42:07 UTC
The password for the mysql/pgsql user used by the pdb_mysql and pdb_pgsql
modules is stored in plain text in smb.conf. This is obviously a security
concern as it requires smb.conf to be readable only to the user as which Samba runs.
This can probably be fixed easily by providing a mechanism similar to the one
used for the LDAP admin password.
I'm filing this bug report to make sure this will be fixed before the modules
lose their 'experimental' mark.
See bug 3375. If someone wants to maintain these modules outside
the Samba source tree, that is fine. But the source has been removed
from the upcoming 3.0.22 release.