SECURITY VULNERABILITY!

Seth Vidal skvidal at phy.duke.edu
Thu Aug 24 12:18:44 GMT 2000


I'm reposting this b/c I think it is MOST serious in that a directive that
would make a samba server marginally secure is being ignored in certain
configurations.

Hi,


I have a Linux machine w/ two Samba servers running on it: one is called
puck, the other is called nt-linux.
Both are running Samba 2.0.7 (rh packaging).

the nt-linux server uses encrypted passwords
the puck server uses unencrypted passwords (for older systems)

I have update encrypted set to yes in the smb.conf of puck (the system w/
unencrypted passwords) and I'm pointing both smb.conf's to the same
smbpasswd file.
 
I have null passwords = false in both smb.conf's.

I have set quite a few users to have null passwords (in the smbpasswd file
(via smbpasswd -n username))  so that the unencrypted password server will
be able to update their passwords.

So I figured setting null passwords = false would deny people attempting
to connect w/no password access to the encrypted password server.

The problem is that this is not happening.

When I attempt to connect w/o a password from win98 to the encrypted
password server I am allowed to login and given write access to the areas
that should only be writable by the user (namely their homedir).

This is a SERIOUS problem b/c it means null passwords = no is not being
obeyed when encrypted passwords are enabled.

This is a serious security concern for those attempting to migrate from
unencrypted to encrypted passwords.

Has anyone else encountered this problem?
Is this the way it's supposed to work?
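
For a setup like the one reported above, an administrator can list which smbpasswd entries are passwordless and which servers sharing that file accept encrypted logins, without relying on `null passwords` being enforced. This is an added example, not part of the original post or of Samba; the sample file contents, user names and function names are constructed, and an unset parameter is read as "no".

```python
import re

# Constructed sample data in the Samba 2.0.x smbpasswd layout
# (name:uid:LANMAN hash:NT hash:[flags]:LCT-time:); not from the post.
SAMPLE_SMBPASSWD = "\n".join([
    "alice:501:NO PASSWORD" + "X" * 21 + ":" + "X" * 32 + ":[NU         ]:LCT-00000000:",
    "bob:502:" + "0123456789ABCDEF" * 2 + ":" + "FEDCBA9876543210" * 2
    + ":[U          ]:LCT-39A51234:",
])
# Constructed configs mirroring the two servers described in the post.
SAMPLE_CONFIGS = {
    "puck": "[global]\nencrypt passwords = no\nupdate encrypted = yes\nnull passwords = false\n",
    "nt-linux": "[global]\nencrypt passwords = yes\nnull passwords = false\n",
}

def null_password_accounts(smbpasswd_text):
    """Names of entries marked passwordless (N flag or 'NO PASSWORD' hash field)."""
    names = []
    for line in smbpasswd_text.splitlines():
        fields = line.split(":")
        if line.startswith("#") or len(fields) < 5:
            continue  # comment, blank or malformed entry
        flags = fields[4] if fields[4].startswith("[") else ""
        if fields[2].startswith("NO PASSWORD") or "N" in flags:
            names.append(fields[0])
    return names

def global_bool(conf_text, param, default=False):
    """Boolean from [global]; smb.conf ignores case and spaces in parameter names."""
    wanted, section, value = param.replace(" ", "").lower(), "global", default
    for raw in conf_text.splitlines():
        line = raw.strip()
        header = re.match(r"\[(.+)\]$", line)
        if header:
            section = header.group(1).strip().lower()
        elif section == "global" and "=" in line and line[0] not in "#;":
            key, val = line.split("=", 1)
            if key.replace(" ", "").lower() == wanted:
                value = val.strip().lower() in ("yes", "true", "1")
    return value

def exposed_accounts(smbpasswd_text, configs):
    """Per encrypted-password server: its null passwords value and passwordless users."""
    nulls = null_password_accounts(smbpasswd_text)
    return {
        server: {"null passwords": global_bool(conf, "null passwords"), "accounts": nulls}
        for server, conf in configs.items()
        if global_bool(conf, "encrypt passwords")
    }

if __name__ == "__main__":
    for server, info in exposed_accounts(SAMPLE_SMBPASSWD, SAMPLE_CONFIGS).items():
        print(server, "null passwords =", info["null passwords"], "->", info["accounts"])
```

Any account the report lists for a server where `null passwords` is off is one to test by hand, or to give a real password before that server is exposed to clients.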


