Samba Issue

paul.bardeskar at sg.abnamro.com paul.bardeskar at sg.abnamro.com
Thu Aug 25 02:53:25 GMT 2005





Hi Andrew,

Thanks for your efforts.
But does this mean that i can not do anything for this ?

Best Regards,

Paul Bardeskar
ITO Service Delivery Asia Pacific
EDS - ABN AMRO Account,
Software - Midrange ( Unix & Databases)
Mail to  : paul.bardeskar at sg.abnamro.com
Desk    : (65) 6780-6870
Fax       : (65) 6780-6800


                                                                                                                                       
                      Andrew Bartlett                                                                                                  
                      <abartlet at samba.         To:      paul.bardeskar at sg.abnamro.com                                                  
                      org>                     cc:      samba-technical at lists.samba.org                                                
                                               Subject: Re: Samba Issue                                                                
                      25/08/05 10:43                                                                                                   
                                                                                                                                       
                                                                                                                                       




On Thu, 2005-08-25 at 09:43 +0800, paul.bardeskar at sg.abnamro.com wrote:
>
>
>
> Hi Andrew,
>
> Check the attached smb.conf file.
> I have changed the IP and the host name.

You have set 'security=share'.  In the current Samba3 code we do:

      if (lp_security() == SEC_SHARE) {
            /* in share level we should ignore any passwords */

            data_blob_free(&lm_resp);
            data_blob_free(&nt_resp);
            data_blob_clear_free(&plaintext_password);

            map_username(sub_user);
            add_session_user(sub_user);
            /* Then force it to null for the benfit of the code below */
            *user = 0;
      }


In Samba 2.2 it was similar, but my point is simple - in security=share,
the username and password for a session setup (the thing your 'tool' is
testing) is ignored, so indeed it will 'find' dummy accounts.

Andrew Bartlett

--
Andrew Bartlett                                http://samba.org/~abartlet/
Samba Developer, SuSE Labs, Novell Inc.        http://suse.de
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net



---------------------------------------------------------------------------
This message (including any attachments) is confidential and may be
privileged. If you have received it by mistake please notify the sender by
return e-mail and delete this message from your system. Any unauthorised
use or dissemination of this message in whole or in part is strictly
prohibited. Please note that e-mails are susceptible to change.
ABN AMRO Bank N.V. (including its group companies) shall not be liable for
the improper or incomplete transmission of the information contained in
this communication nor for any delay in its receipt or damage to your
system. ABN AMRO Bank N.V. (or its group companies) does not guarantee that
the integrity of this communication has been maintained nor that this
communication is free of viruses, interceptions or interference.
---------------------------------------------------------------------------



More information about the samba-technical mailing list