[linux-cifs-client] [PATCH] Test the password field as well as the username field when looking for a session to reuse.
Alex Zeffertt
alex.zeffertt at eu.citrix.com
Wed Apr 21 09:09:05 MDT 2010
Hi all,
I have found a problem with the reusing of existing sessions. The kernel only
tests the username but not the password when deciding whether to reuse an
existing session. As a result it is possible for mount.cifs to succeed even if
the password is incorrect, provided that there is an existing session between
the client and server for that user.
Please could you consider the attached patch which addresses this issue.
Regards,
Alex Zeffertt
-------------- next part --------------
A non-text attachment was scrubbed...
Name: do-no-reuse-session-if-password-different.patch
Type: text/x-diff
Size: 1390 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/linux-cifs-client/attachments/20100421/37a1dcbc/attachment-0001.patch>
More information about the linux-cifs-client
mailing list