[Samba] Impending Removal of --with-ssl

abartlet at samba.org abartlet at samba.org
Sun May 5 20:34:02 GMT 2002


On Sun, May 05, 2002 at 10:06:53AM -0400, Nathan Lutchansky wrote:
> On Sun, May 05, 2002 at 02:50:13AM -0700, abartlet at samba.org wrote:
> > On Sat, May 04, 2002 at 11:22:41PM -0400, Nathan Lutchansky wrote:
> > > 
> > > 1) Can we assume that Microsoft will never include SSL functionality in
> > >    their Windows clients?  Does MS have some other method of providing
> > >    transport security instead?  If the answers are "yes" and "yes", then 
> > >    I'd say it is safe to remove.  Otherwise it might feel silly to add SSL 
> > >    back when some XP service pack adds SSL functionality later on.
> > 
> > yes on both counts.  Message authentication and encryption are available in the 
> > CIFS protocol, and are detailed in the SNIA Technical Reference (not to
> > be confused with the MS Technical Reference)
> 
> Oh.  Well, that sounds like the way to go in the future.  I hope it is not 
> as ugly to implement as SSL.
> 
> > > 2) I'd started a project to authenticate users SMB clients based on client
> > >    SSL certificates.  If --with-ssl is removed, SSL authentication can 
> > >    still be done with wrappers and LIBSMB_PROG, but the server wrapper 
> > >    would somehow need to pass authentication information to Samba.  The
> > >    easiest way is to setreuid to the target user before execing smbd, but
> > >    can smbd handle this?  What happens if smbd is started (without -D) as
> > >    some user other than root?  -Nathan
> > 
> > Samba expects this, and allows become_user() calls to 'fail' but still 
> > requires passwords as before.  You could write a new authentication module
> > that implements your requirements quite trivially.  (And use environment 
> > variables or the like to pass the state info along).
> 
> OK, I'll look into this when I have time to get back to that project.  
> Thanks for the hint.

While samba will 'cope' with non-root setups, this really only works in
testing environments, where that same user owns the critical files.

As such I would suggest you make your SSL wrapper leave smbd as root,
and make a custom authentication module figure it out from there.

See samba's rhosts support module for a trivial example of what 
you want to do. (It only still exists because it's a good example, not
because anybody should use it...)

Andrew Bartlett
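
The wrapper side of the design discussed in this thread, as an added example that is not part of the original message and is not Samba code: the wrapper stays root and hands the certificate-derived identity to smbd through an environment variable. The variable name `SSL_CLIENT_USER`, the helper names and the sample CN are assumptions; the point is that the name is validated and the child environment is built from scratch, because a root process will trust it.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

#define MAX_USER 32

/* Accept only a conservative Unix-account character set, so a certificate
 * subject cannot smuggle '=', '/', whitespace or control bytes into the
 * variable the authentication module will trust. Returns 1 if acceptable. */
int valid_username(const char *cn)
{
    size_t i, n = strlen(cn);
    if (n == 0 || n > MAX_USER) return 0;
    if (!islower((unsigned char)cn[0]) && cn[0] != '_') return 0;
    for (i = 1; i < n; i++) {
        unsigned char c = (unsigned char)cn[i];
        if (!islower(c) && !isdigit(c) && c != '_' && c != '-') return 0;
    }
    return 1;
}

/* Build a fresh environment for smbd: a fixed PATH plus the verified identity.
 * Nothing is inherited from the wrapper's own environment.
 * SSL_CLIENT_USER is a hypothetical name chosen for this example.
 * Returns 0 on success, -1 if the name is rejected or does not fit. */
int build_smbd_env(const char *cert_cn, char *userbuf, size_t buflen,
                   char *envp[3])
{
    if (!valid_username(cert_cn)) return -1;
    if ((size_t)snprintf(userbuf, buflen, "SSL_CLIENT_USER=%s", cert_cn) >= buflen)
        return -1;
    envp[0] = "PATH=/usr/bin:/bin";
    envp[1] = userbuf;
    envp[2] = NULL;
    return 0;
}

int main(void)
{
    char buf[64], *envp[3];
    const char *cn = "nathan"; /* constructed sample: CN of a verified client cert */
    if (build_smbd_env(cn, buf, sizeof buf, envp) != 0) {
        fprintf(stderr, "rejecting certificate subject\n");
        return 1;
    }
    /* A real wrapper would now execve() smbd with envp, still running as root. */
    printf("%s\n", envp[1]);
    return 0;
}
```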



