Bug 3119 - pdb_mysql / pdb_pgsql security concerns
Product: Samba 3.0
Classification: Unclassified
Component: pdb_sql
All Linux
: P3 normal
: none
Assigned To: pdb_sql maintainers mail alias
Samba QA Contact
Reported: 2005-09-27 05:46 UTC by Jelmer Vernooij
Modified: 2006-02-10 08:42 UTC
Description Jelmer Vernooij 2005-09-27 05:46:25 UTC
The password for the mysql/pgsql user used by the pdb_mysql and pdb_pgsql
modules is stored in plain text in smb.conf. This is obviously a security
concern as it requires smb.conf to be readable only to the user as which Samba runs.

This can probably be fixed easily by providing a mechanism similar to the one
used for the LDAP admin password.

I'm filing this bug report to make sure this will be fixed before the modules
lose their 'experimental' mark.
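
A defensive check for the condition described in the report above, as an added example that is not part of the original report or of Samba's code: it flags a plaintext SQL password in a Samba configuration file and reports when that file is readable beyond its owner. The parameter form `<identifier>:mysql password` / `<identifier>:pgsql password` is an assumption about the pdb_sql configuration syntax, and the sample configuration is constructed.

```python
import os
import re
import stat
import tempfile

# Assumption: credentials appear as "<identifier>:mysql password = ..." or
# "<identifier>:pgsql password = ..." (not taken from the bug report itself).
PASSWORD_PARAM = re.compile(r"^[^=]*\b(mysql|pgsql)\s*password\s*=\s*\S", re.IGNORECASE)

# Constructed sample configuration, not a real deployment.
SAMPLE = """\
[global]
   passdb backend = mysql:pdbconn
   pdbconn:mysql host = localhost
   pdbconn:mysql user = samba
   ; pdbconn:mysql password = old
   pdbconn:mysql password = constructed-secret
"""

def find_plaintext_passwords(text):
    """Return (line_number, backend) for each non-empty, uncommented password setting."""
    hits = []
    for number, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line[0] in "#;":  # smb.conf comment markers
            continue
        match = PASSWORD_PARAM.match(line)
        if match:
            hits.append((number, match.group(1).lower()))
    return hits

def audit(path):
    """List findings for one config file: plaintext secrets and loose read permissions."""
    with open(path, encoding="utf-8", errors="replace") as handle:
        hits = find_plaintext_passwords(handle.read())
    findings = [f"line {n}: plaintext {backend} password in config" for n, backend in hits]
    mode = os.stat(path).st_mode
    if hits and mode & (stat.S_IRGRP | stat.S_IROTH):
        findings.append("file is readable by group or other")
    return findings

def demo(mode):
    """Write the constructed sample with the given mode and audit it."""
    with tempfile.NamedTemporaryFile("w", suffix=".conf", delete=False) as handle:
        handle.write(SAMPLE)
    try:
        os.chmod(handle.name, mode)
        return audit(handle.name)
    finally:
        os.unlink(handle.name)
```
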
Comment 1 Gerald (Jerry) Carter 2006-02-10 08:42:07 UTC
See bug 3375.  If someone wants to maintain these modules outside
the Samba source tree, that is fine.  But the source has been removed
from the upcoming 3.0.22 release.