Never send the LM response on cached credentials

Andrew Bartlett abartlet at samba.org
Tue Aug 29 06:27:19 GMT 2006


On Mon, 2006-08-28 at 23:16 -0700, Jeremy Allison wrote:
> On Tue, Aug 29, 2006 at 03:51:36PM +1000, Andrew Bartlett wrote:
> > 
> > Isn't the purpose of this to allow automatic login to websites, without
> > prompting the user for a password?
> 
> Yep.
> 
> > Our defaults here suck.  They let users down by exposing cleartext
> > passwords.  
> 
> If you're proposing changing our defaults to remove LM, I'm ok
> with that. We need feedback on the list on the impact this will
> have.

I propose more than LM.  I propose a minimum of NTLM2.

I think we should have different defaults for automatic logins with
cached credentials compared to logins where the user specifies a
password.  

That is, people still use Win9X servers that can't support NTLM logins,
and others even use plaintext-only Samba servers.  Perhaps we should
make them change the defaults, but I wasn't sure it is possible.

However, I think we can have stronger defaults for this new feature,
without having to worry about existing users.

> > For this new functionality, for the safety of our users, I want stronger
> > defaults.
> 
> Fine by me.

Good :-)

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Samba Developer, Red Hat Inc.                  http://redhat.com
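The message argues for two separate minimum-strength floors: a high one (NTLMv2 or better) for automatic logins that replay cached credentials, and a lower one for logins where the user typed the password and may knowingly be talking to a Win9X or plaintext-only server. The risk it is guarding against is a weak response type (plaintext, or an LM response) being handed to whatever server asks for it, with no user in the loop to notice. The policy below is an added illustration of that two-floor design; it is not Samba code and not from the thread. The `AuthLevel` names, the `"cached"`/`"interactive"` source labels and the floor values in `DEFAULT_FLOORS` are all assumptions made for the example.

```python
from enum import IntEnum
from typing import Dict, Iterable, Optional


class AuthLevel(IntEnum):
    """Client response types, weakest to strongest.
    NTLMV2 is what the thread calls "NTLM2".  Names are constructed here."""
    PLAINTEXT = 0
    LM = 1
    NTLM = 2
    NTLMV2 = 3


# Minimum response the client is willing to send, keyed by where the
# credentials came from.  Constructed values: the "cached" floor follows
# the proposal in the message (nothing below NTLMv2 without a user present);
# the "interactive" floor is PLAINTEXT only to model legacy defaults that
# must still reach Win9X or plaintext-only servers.
DEFAULT_FLOORS: Dict[str, AuthLevel] = {
    "cached": AuthLevel.NTLMV2,
    "interactive": AuthLevel.PLAINTEXT,
}


def choose_auth(server_supported: Iterable[AuthLevel], source: str,
                floors: Dict[str, AuthLevel] = DEFAULT_FLOORS) -> Optional[AuthLevel]:
    """Pick the strongest response type both sides support, provided it
    meets the floor for this credential source.  Returns None to refuse
    rather than downgrading below the floor."""
    if source not in floors:
        raise ValueError(f"unknown credential source: {source!r}")
    floor = floors[source]
    acceptable = [level for level in server_supported if level >= floor]
    return max(acceptable) if acceptable else None


def describe(server_supported: Iterable[AuthLevel], source: str) -> str:
    """Human-readable summary of a decision, for logs or a debug trace."""
    offered = sorted(server_supported)
    chosen = choose_auth(offered, source)
    names = ", ".join(level.name for level in offered)
    if chosen is None:
        return (f"{source}: server offers [{names}]; refusing, nothing meets "
                f"floor {DEFAULT_FLOORS[source].name}")
    return f"{source}: server offers [{names}]; sending {chosen.name}"


if __name__ == "__main__":
    # Constructed scenarios: a modern server, a Win9X-era server that
    # cannot do NTLM, and a plaintext-only server.
    modern = {AuthLevel.LM, AuthLevel.NTLM, AuthLevel.NTLMV2}
    win9x = {AuthLevel.PLAINTEXT, AuthLevel.LM}
    plaintext_only = {AuthLevel.PLAINTEXT}
    for offer in (modern, win9x, plaintext_only):
        for src in ("cached", "interactive"):
            print(describe(offer, src))
```

The point the code makes explicit is that the decision depends on the credential source, not only on what the server offers: the same Win9X-style offer is accepted for an interactive login and refused for a cached one. In Samba itself the equivalent client-side controls are the `client lanman auth`, `client ntlmv2 auth` and `client plaintext auth` options in smb.conf; the example does not attempt to reproduce how Samba applies them.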