CVS update: samba/source/libsmb
jra at samba.org
Wed Jul 16 00:02:49 GMT 2003
On Tue, Jul 15, 2003 at 11:51:56PM +0000, Andrew Bartlett wrote:
> A few comments:
> - On the parmaeters:
> - Do we really need that may ways to say 'required'?
Yes probably. You'd be suprised at all the ways people can think of
using English :-).
> - Could we rename the 'yes' and 'no' options to 'enabled' and 'disabled'?
Well, add "enabled and disabled" rather than rename them :-).
> - On 'client smb signing = required':
> - I think we should bail out only after a successful non-guest session setup,
> or if we are put into share level security.
> - Guest sesions are not protected anyway, and this could impact on browsing
> - We need to defend against protocol-downgrade attacks.
Yes, this makes a lot of sense.... If you want to fix this yourself
then go ahead otherwise I'll check in fixes as I go. Good points though !
More information about the samba-technical