[Samba] disabling version number
Andrew Bartlett
abartlet at samba.org
Sat Apr 26 05:18:21 GMT 2003
On Tue, 2003-04-15 at 01:23, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Mon, 14 Apr 2003, Florian Effenberger wrote:
>
> > Hi Jerry,
> >
> > thanks for the reply, that's exactly what I meant. :-)
> >
> > I know security by obscurity isn't good, but may I suggest a new option in
> > the smb.conf file, something like
> >
> > version_string = "Samba %s"?
>
> The version string has already been stripped out in Samba 3.0.
Looking at the CVS logs, I'm not sure it was deliberate - and means that
we can no longer be identified by the traditional method for client bug
work-around.
I actually think we should put the version string back.
I'm certainly not convinced by the security-by-obscurity argument for
this.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20030426/8699b980/attachment.bin
More information about the samba-technical
mailing list