Bug 7710 - patch Restricting userlistings
patch Restricting userlistings
Status: NEW
Product: Samba 3.5
Classification: Unclassified
Component: User & Group Accounts
unspecified
All All
: P3 enhancement
: ---
Assigned To: Samba Bugzilla Account
Samba QA Contact
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-10-04 05:22 UTC by Néher Márton
Modified: 2010-10-04 05:23 UTC (History)
0 users

See Also:


Attachments
This patch implements restricted userlistings in queryinfo RPC. Response contains only users in the querier's primary group. (12.74 KB, patch)
2010-10-04 05:23 UTC, Néher Márton
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description Néher Márton 2010-10-04 05:22:29 UTC
If you are serving different users with one samba, users can see the other customers users when granting ACLs (rpc displayinfo queries).
Comment 1 Néher Márton 2010-10-04 05:23:56 UTC
Created attachment 5996 [details]
This patch implements restricted userlistings in queryinfo RPC. Response contains only users in the querier's primary group.

Modifications to implement restricted user listing. You can use restrictions only with LDAP backend.  If ldap restrictions are switched on users can see users in thei primary groups and ther primary groups if they are trying to grant ACLs on windows. This is good for anybody who is serving different customers with one samba, and don't want them to  see each others users.