[jcifs] Dealing with simultaneous users in a Win2k3 environment
Christopher R. Hertel
crh at ubiqx.mn.org
Fri Mar 19 20:59:43 GMT 2004
On Fri, Mar 19, 2004 at 03:42:00PM -0500, Michael B Allen wrote:
:
> > 1. new SmbFile("smb://").listFiles() --> Fails (expected because no
> > authentication was given)
>
> Actually I don't recall ever seeing this fail. All systems that I work
> with use null credentials to get the list of domains. Maybe Win2k3 changed
> that. Donno. What was the error?
I have *heard* of this, though I've not seen it myself. WinNT and family
will disallow browsing of local shares but, as you say, they generally
allow anonymous access to the workgroup and server lists.
> > 2. new SmbFile("smb://user:pass@/").listFiles() --> Gives the list of
> > domains (expected)
> >
> > 3. new SmbFile("smb://").listFiles() --> Gives the list of domains (bad;
> > this is a security risk)
>
> JCIFS does not reuse security contexts but it does reuse TCP transport. I
> have a feeling this is actually something going on on the windows server
> (master browser). Meaning once a user has successfully authenticated the
> NetServerEnum is suddenly available without credentials. Yet another quirk
> in Windows' implementation.
See, I should have waited for your message before I sent my last one.
Looks as though a trace is in order. I'd love to see this actually
happen.
Michael K.: Which version of jCIFS?
Chris -)-----
--
"Implementing CIFS - the Common Internet FileSystem" ISBN: 013047116X
Samba Team -- http://www.samba.org/ -)----- Christopher R. Hertel
jCIFS Team -- http://jcifs.samba.org/ -)----- ubiqx development, uninq.
ubiqx Team -- http://www.ubiqx.org/ -)----- crh at ubiqx.mn.org
OnLineBook -- http://ubiqx.org/cifs/ -)----- crh at ubiqx.org
More information about the jcifs
mailing list