Reply to post: Re: Never say never

Windows' authentication 'flaw' exposed in detail

asdf Silver badge

Re: Never say never

Wow look at this

https://access.redhat.com/security/cve/CVE-2015-0240

As I said risky to put in a base system and even worse it looks like most Linux distros run smbd as root after all. Yuck. Proving once again Linux is more like Windows than it likes to admit.

Edit: wow Samba is an even bigger POS than I realized.

Running Samba is slightly different to running apache or mysql.

When you connect to the web server all processes are run as user www-data, when you connect to mysqld all processes are run as user mysql.

But when you connect to samba a new process is forked with your user credentials. Only root can fork processes as other users.

It is correct that samba is running as root.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019