Proposal for modifying Get_Pwnam() [Re: couple of getpwnam() questions]

Andrew Bartlett abartlet at pcug.org.au
Sun Nov 26 02:15:49 GMT 2000 

Could samba have an option to do NO username work for the client, if we
assume that the client is a potential attacker?  (Or does SMB spew
usernames all over the shop already, making this irrelevant).  

Full case sensitivity for usernames (at least where we know that the
client OS has not changed that case) could help resolve the situation
where (as I have had) one protocol is case sensitive (OpenSSH, I use it
for password changes) and another is not (Samba, I use it for student
file shares).  Such an option looks as if it would be usefull on OpenVMS
in any case, with its case insensitive usernames.

Just my 2 cents worth,

Andrew Bartlett
 
Gerald Carter wrote:
> 
> Steve Langasek wrote:
> >
> > I think Gerald's question is still relevant: even
> > if there is a more efficient way to do what the
> > code currently does, *why* is it being done at all?
> 
> ok.  Here is my proposal for a change.  Psuedo code to follow...
> 
> struct passwd* Get_Pwnam(char* username, BOOL flag)
> {
> 
>     1. attempt to lookup the username in all lower case
>        if success
>           return
> 
>     2. attempt to lookup the username as transmitted (if
>        transmitted in mixed case).
>        if success
>           return
> 
>     3. attempt to lookup the username in all caps
>        if success
>           return
> 
>     4. perform number case permutations defined by
>        'username level' (defaults to 0)
> 
>     return failure;
> 
> }
> 
> This will catch non-NT systems than convert the username to
> all caps.  In the event of a bad username, we will be
> saving 3 getpwnam() calls.  In the event of a good username,
> and if the host systems follows the standard convention of
> usernames in all lower case (by far the most common case
> I think), we end up with only one getpwnam().
> 
> What I really want to prevent is 5 lookups when a name
> does not exist.  Sound fair?
> 
> As this is a big change in the semantics of how samba does
> a name lookup (is many sections of the code), I want to
> give a fair chance for input from people before I go breaking
> things :-)
> 
> Cheers, jerry
> ----------------------------------------------------------------------
>    /\  Gerald (Jerry) Carter                     Professional Services
>  \/    http://www.valinux.com/  VA Linux Systems   gcarter at valinux.com
>        http://www.samba.org/       SAMBA Team          jerry at samba.org
>        http://www.plainjoe.org/                     jerry at plainjoe.org
> 
>        "...a hundred billion castaways looking for a home."
>                                 - Sting "Message in a Bottle" ( 1979 )

-- 
Andrew Bartlett
abartlet at pcug.org.au

More information about the samba-technical mailing list