Disable SMB2 for 3.6?

Stefan (metze) Metzmacher metze at samba.org
Thu Jul 7 08:48:52 MDT 2011


Hi Volker,

> In response to a user bug report I've discovered a deep
> architectural flaw in our SMB2 server: The credential
> handling is not cleanly done in a central place but spread
> out over way too many places. The symptom is that a
> secondary tcon happens to be called as the user who has
> issued the last SMB2 request, not as root as it has been
> done in SMB1. This breaks quite some assumptions deep inside
> our code. Finding such an architectural flaw at this late
> stage in the release process scares me to death. So I would
> strongly recommend that we disable compiling SMB2 in by
> default and only enable it as highly experimental for 3.6.0.

This patch should fix the problem:
http://gitweb.samba.org/?p=metze/samba/wip.git;a=commitdiff;h=f2806cca536de82739

metze

-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-s3-smb2_server-call-change_to_root_user-or-smbd_smb2.patch
Type: text/x-diff
Size: 3450 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110707/7e2d5133/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20110707/7e2d5133/attachment.pgp>


More information about the samba-technical mailing list