Bad machine accounts

Jeremy Allison jallison at whistle.com
Thu May 21 23:16:47 GMT 1998


Andrew Perrin - Demography wrote:
> 
> Well, blake now browses okay, so I'll skip those.  Logs available for your
> reading pleasure on the web are:
> 
> 1.) boserup (the pdc) when aperrin logs into kitagawa:
> http://demog.berkeley.edu/~aperrin/bos.connect.log
> 2.) blake when aperrin logs into kitagawa:
> http://demog.berkeley.edu/~aperrin/bla.connect.log
> 3.) boserup when aperrin tries to connect to \\boserup\aperrin or
> \\boserup\homes:
> http://demog.berkeley.edu/~aperrin/bos.usehome.log
> 

Phew - nailed it. That one was a *bastard* to find.

The problem is you have 'revalidate = true' set in
your smb.conf global section on BOSERUP.

This is interacting badly with the 'security=user'
parameter - as it really is meant to be used for
security=share settings.

What happens is that the tconX call is made with
no password, as you have already given a valid
encrypted password in the sessionsetupandX.

The default tconX case with no password is this piece of 
code in password.c

  /* check for a previously validated username/password pair */
  if (!ok && !lp_revalidate(snum) &&
      (vuser != 0) && !vuser->guest &&
      user_ok(vuser->name,snum)) {
    fstrcpy(user,vuser->name);
    *guest = False;
    DEBUG(3,("ACCEPTED: validated uid ok as non-guest\n"));
    ok = True;
  }

Note that having revalidate set screws it up, as it causes
this code not to be executed.

I'll check with Andrew for the exact meaning of the
revalidate parameter, as I think it may be redundant
with security=user, in which case we can replace this
code with

&& (!lp_revalidate(snum) || lp_security() > SEC_SHARE) &&....

But this is a security sensitive change so I'll not
make it lightly.

Jeremy.


-- 
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
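The interaction Jeremy describes, modelled as an added example (this is not Samba's own code): a stand-in for the vuid state left by sessionsetupandX, a stand-in share config, and the quoted tconX check beside the proposed one. The struct and field names, the valid_user stand-in for user_ok() and the numeric values of SEC_SHARE/SEC_USER are assumptions; only their ordering (share below user) matters.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-ins for Samba's security levels; only share < user is relied on. */
enum { SEC_SHARE = 1, SEC_USER = 2 };

/* Constructed model of the user already validated (with an encrypted
 * password) in sessionsetupandX, as referenced by the tconX call. */
struct vuser_model {
    const char *name;
    bool guest;
};

/* Constructed model of the relevant smb.conf settings for one share. */
struct share_cfg {
    bool revalidate;        /* 'revalidate' from the global section */
    int  security;          /* 'security' parameter */
    const char *valid_user; /* stand-in for user_ok(): NULL = anyone */
};

/* Stand-in for user_ok(vuser->name, snum). */
static bool user_ok_model(const struct share_cfg *cfg, const char *name)
{
    return cfg->valid_user == NULL || strcmp(cfg->valid_user, name) == 0;
}

/* The check quoted from password.c: a password-less tconX only reuses the
 * validated session when revalidate is off, whatever the security level. */
bool tconx_accepts_original(const struct share_cfg *cfg, const struct vuser_model *vuser)
{
    return !cfg->revalidate && vuser != NULL && !vuser->guest
           && user_ok_model(cfg, vuser->name);
}

/* Jeremy's proposed condition: revalidate only bites below security=user,
 * so with security=user the validated session is reused as before. */
bool tconx_accepts_proposed(const struct share_cfg *cfg, const struct vuser_model *vuser)
{
    return (!cfg->revalidate || cfg->security > SEC_SHARE)
           && vuser != NULL && !vuser->guest && user_ok_model(cfg, vuser->name);
}

int main(void)
{
    struct vuser_model aperrin = { "aperrin", false };           /* constructed */
    struct share_cfg boserup = { true, SEC_USER, "aperrin" };    /* constructed */
    printf("original: %d  proposed: %d\n",
           tconx_accepts_original(&boserup, &aperrin),
           tconx_accepts_proposed(&boserup, &aperrin));
    return 0;
}
```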

