provision: explain why this is required

author Andrew Bartlett <abartlet@samba.org>

Wed, 27 Aug 2014 03:09:22 +0000 (15:09 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 26 Sep 2014 23:35:36 +0000 (01:35 +0200)
author Andrew Bartlett <abartlet@samba.org>
Wed, 27 Aug 2014 03:09:22 +0000 (15:09 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 26 Sep 2014 23:35:36 +0000 (01:35 +0200)
diff --git a/python/samba/provision/sambadns.py b/python/samba/provision/sambadns.py

index 9dbea4ef2a591000940a5cc57a46d8786d1e4173..29224c8cf6941643190bcc10b8c6db72e2d3b9e6 100644 (file)
--- a/python/samba/provision/sambadns.py
+++ b/python/samba/provision/sambadns.py
@@ -801,6 +801,14 @@ def create_samdb_copy(samdb, logger, paths, names, domainsid, domainguid):
          logger.error(
              "Failed to setup database for BIND, AD based DNS cannot be used")
          raise
+
+    # This line is critical to the security of the whole scheme.
+    # We assume there is no secret data in the (to be left out of
+    # date and essentially read-only) config, schema and metadata partitions.
+    #
+    # Only the stub of the domain partition is created above.
+    #
+    # That way, things like the krbtgt key do not leak.
      del partfile[domaindn]
  
      # Link dns partitions and metadata
author	Andrew Bartlett <abartlet@samba.org>
	Wed, 27 Aug 2014 03:09:22 +0000 (15:09 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 26 Sep 2014 23:35:36 +0000 (01:35 +0200)