HP CIFS Server 3.0b Administrator's Guide version A.02.01.01
Securing HP CIFS Server
Security Protection Methods
Chapter 10 225
Be aware that the smbpasswd -w command stores the LDAP
administrator's user name and password in the
/var/opt/samba/private/secrets.tdb file in plain text.
Using %m Name Replacement Macro With Caution
The NetBIOS name of remote clients is substituted into the "%m" macro
wherever it occurs in the smb.conf configuration file. The use of
contrived NetBIOS names may result in Samba using a file path outside
of the intended Samba directories. This can be used to cause Samba to
append data to important system files, which in turn can be used to
compromise security on the server.
An immediate fix is to edit your smb.conf configuration file and remove
all occurrences of the macro "%m". Depending on the requirements of
each site, other smb.conf macros may be suitable replacements.
The log file option is the most vulnerable to this redefinition problem.
The sample configuration file contains the path,
/var/opt/samba/log.%m. Using this default path does not create a
vulnerability unless there happens to exist a subdirectory in
/var/opt/samba which starts with the prefix "log.".
If you choose to maintain the use of the "%m" macro in the log file
option, you should use the default value, /var/opt/samba/log.%m.
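The audit below is an added example, not part of the HP guide: it parses an smb.conf and reports every option whose value contains "%m", accepting only the default log file path /var/opt/samba/log.%m, and it lists any "log." subdirectories in /var/opt/samba that would make even that default risky. The sample smb.conf is constructed; the include line is a hypothetical per-client pattern used only to show a finding.

```python
"""Audit an smb.conf for uses of the %m (client NetBIOS name) macro."""
import os
import re

# Constructed sample; the log file path is the HP CIFS default quoted in the guide.
SAMPLE_SMB_CONF = """
[global]
   workgroup = EXAMPLE
   log file = /var/opt/samba/log.%m
   ; hypothetical per-client include: any %m outside the default log file is flagged
   include = /etc/opt/samba/smb.conf.%m

[homes]
   path = /home/%U
"""

SAFE_LOG_FILE = "/var/opt/samba/log.%m"


def parse_smb_conf(text):
    """Return (section, key, value) triples; comments and blank lines are skipped."""
    section, entries = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#":
            continue
        m = re.match(r"\[(.+)\]$", line)
        if m:
            section = m.group(1).strip()
            continue
        if "=" in line:
            key, _, value = line.partition("=")
            entries.append((section, key.strip().lower(), value.strip()))
    return entries


def audit_m_macro(text):
    """One finding per option containing %m: the default log file value is
    'accepted-default'; every other occurrence is 'remove' per the guide."""
    findings = []
    for section, key, value in parse_smb_conf(text):
        if "%m" in value:
            ok = key == "log file" and value == SAFE_LOG_FILE
            findings.append((section, key, value, "accepted-default" if ok else "remove"))
    return findings


def log_prefix_dirs(samba_dir="/var/opt/samba"):
    """Subdirectories of samba_dir whose names start with 'log.' (guide's caveat)."""
    try:
        names = os.listdir(samba_dir)
    except FileNotFoundError:
        return []
    return sorted(n for n in names if n.startswith("log.")
                  and os.path.isdir(os.path.join(samba_dir, n)))
```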
Table 10-1 Configuration Files (Continued)

File                                            Description
/var/opt/samba/private/smbpasswd                Data file containing user name and password information
/var/opt/samba/private/passdb.tdb               Data file containing user name and password information
/opt/samba/LDAP/smbldap-tools/smbldap_conf.pm   Data file used to hold LDAP administrator user and password in plain text