diff options
| author | Andrew Bartlett <abartlet@samba.org> | 2013-03-08 16:49:21 +1100 |
|---|---|---|
| committer | Andrew Bartlett <abartlet@samba.org> | 2013-03-10 12:00:31 +0100 |
| commit | 287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f (patch) | |
| tree | b6704e7d0d8043eaa59d7b4b78e69abffc3322a7 | |
| parent | 6ac0bdc4513bb5a7bf9ecf0cd0986f6122f96dba (diff) | |
| download | samba-287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f.tar.gz samba-287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f.tar.bz2 samba-287b5f6c0f40d3e3d09bc2ce80f5fee02cbae40f.zip | |
param: Remove incorrectly added defaults in AD DC allowing WORLD WRITABLE files
These defaults were incorrectly added in
fc5caffbc139d63cab1ec105884863f73772586f in what turns out to be an
incorrect fix for bug #9462, which was in turn introduced by the
swapping of security mask (default 0777) for create mask (0755) in
6adc7dad96b8c7366da042f0d93b28c1ecb092eb.
While the permissions on sysvol and netlogon (the default shares) were
fixed by provision, any additional shares that did not yet have an
explit ACL set would create world-writable files by default.
Administrators will need to manually correct the file permissions on
any additional shares that were created after installation of the AD
DC.
Andrew Bartlett
Reviewed-by: Michael Adam <obnox@samba.org>
Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Sun Mar 10 12:00:31 CET 2013 on sn-devel-104
| -rw-r--r-- | source3/param/loadparm.c | 2 |
1 files changed, 0 insertions, 2 deletions
diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index ce1c1d82b3..75b63c5231 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -3535,8 +3535,6 @@ static void init_locals(void) lp_do_parameter(-1, "map readonly", "no"); lp_do_parameter(-1, "map archive", "no"); lp_do_parameter(-1, "store dos attributes", "yes"); - lp_do_parameter(-1, "create mask", "0777"); - lp_do_parameter(-1, "directory mask", "0777"); } } |