svn commit: samba r21991 - in branches/SAMBA_3_0/source:
include lib libsmb smbd
tridge at samba.org
tridge at samba.org
Fri Mar 30 00:21:56 GMT 2007
Jeremy,
Can you explain what you are actually trying to achieve with this
encryption work? Are you trying to protect file data? Or the SMB
transport? Or something else?
Also, what are you trying to protect it from? From people reading on
the wire what the user is doing? Or from someone doing a TCP hijack
and changing the requests?
If you are trying to protect file data, then it would make sense to
encrypt the data being read and written - which means either a flag to
readx/writex, or a new pair of read/write calls that encrypt the file
data.
If you are trying to protect the transport then a share specific
"encryption" option makes no sense as you'd have to accept unencrypted
open file requests to look at the TID and see what share they are
making a request on. That means the filename is unprotected.
I also can't really see the sense behind a setfsinfo request being
used. Calling setfsinfo implies you are changing a property of a
filesystem, but this encryption stuff has nothing to do with the
filesystem - its all "on the wire" stuff. So why use setfsinfo?
Cheers, Tridge
More information about the samba-technical
mailing list