Passthrough security fix.
Jeremy Allison
jallison at whistle.com
Tue Apr 21 00:53:26 GMT 1998
Hi all,

I was chatting with Roger Binns (author of
VisionFS, he's out in Santa Cruz at the moment so
we got to exchange CIFS gossip :-), and he came
out with a wonderful solution to the NT bug that
means NT Server doesn't set the guest bit when
logging on a user in pass-through security.

They send the sessionsetup request *twice* - once
with the correct password, and once with a password
of random garbage. If both are accepted then the
user was guest, if the first was accepted and
the second rejected then the user was non-guest.

Simple, elegant and works with all broken versions
of NT. Can anyone see any disadvantages?

Cheers,
Jeremy.
--
--------------------------------------------------------
Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.
--------------------------------------------------------
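
The two-request check described in the message above, as an added example that is not part of the original post and not Samba or VisionFS code. The names classify_logon and make_broken_server are hypothetical, and the toy server assumes that an unknown user is the case that gets mapped to guest without the guest bit being set.

```python
import secrets
from typing import Callable, Dict, Tuple

# Hypothetical transport hook: sends one session setup for (user, password)
# to the password server and returns (accepted, guest_bit) as it replied.
SessionSetup = Callable[[str, bytes], Tuple[bool, bool]]


def classify_logon(session_setup: SessionSetup, user: str, password: bytes) -> str:
    """Return 'rejected', 'guest' or 'user' using the two-request probe."""
    accepted, guest_bit = session_setup(user, password)
    if not accepted:
        return "rejected"
    if guest_bit:
        # Addition in this example: a server that does report guest needs no probe.
        return "guest"
    # Second request: same user, password of random garbage.
    garbage = secrets.token_bytes(24)
    accepted_again, _ = session_setup(user, garbage)
    # Both accepted -> the server ignored the password, so this is guest.
    # First accepted, second rejected -> the password mattered: non-guest.
    return "guest" if accepted_again else "user"


def make_broken_server(accounts: Dict[str, bytes]) -> SessionSetup:
    """Constructed toy model of the buggy behaviour, not real NT code."""
    def session_setup(user: str, password: bytes) -> Tuple[bool, bool]:
        if user in accounts:
            # Known account: password is checked, guest bit correctly clear.
            return (secrets.compare_digest(accounts[user], password), False)
        # Unknown account: mapped to guest, but the guest bit is NOT set (the bug).
        return (True, False)
    return session_setup


if __name__ == "__main__":
    server = make_broken_server({"alice": b"correct-horse"})  # constructed data
    for user, pw in [("alice", b"correct-horse"), ("alice", b"wrong"), ("mallory", b"x")]:
        print(user, classify_logon(server, user, pw))
```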