Duplicate SMB file_ids leading to Windows client cache poisoning

Andrew Walker awalker at ixsystems.com
Thu Dec 9 20:40:36 UTC 2021


On Thu, Dec 9, 2021 at 3:28 PM Tom Talpey via samba-technical <
samba-technical at lists.samba.org> wrote:

> On 12/9/2021 1:58 PM, Ralph Boehme wrote:
> > Hi Tom,
> >
> > On 12/9/21 19:48, Tom Talpey wrote:
> >> I really think you need a bulletproof mathematically correct
> >> uniqueid generator here.
> >
> > Patches welcome. :)))
> >
> > I guess all we can get is an approximation.
>
> But, the penalty for a collision is data corruption! It's unacceptable
> to wing it.
>
> Can't TDB help here? Stuff a number into the database and save it.
> Increment it by one for each new fileid needed.
>
> Carve out a hundred, or a thousand, so you don't have to do a
> transaction every new handle. Increment that by the carveout for
> the next call. 64 bits will last you forever, so you could even
> use it across server restart.
>
> Make it fancier, if monotonicity is too easily forged, or misused.
>
> Tom.
>
Tom,

I was glancing through MS-SMB and noticed that it states that file ids must
be unique, but may be re-used if the file is deleted.
https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-smb/44c3cf8d-0931-4923-8fdc-738537ba70ba

Is that not the case? Or maybe discouraged?

Out of curiosity, why can't we use device/inode?

Andrew
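
The counter scheme suggested in the quoted message (persist a 64-bit number, reserve a block of ids per stored update), as an added example that is not part of this thread or of Samba's code. A plain file stands in for the TDB record, the names `fileid_alloc`, `fileid_next` and `FILEID_BLOCK` are hypothetical, and it assumes a single process with no locking or fsync.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define FILEID_BLOCK 1000u  /* carve-out size; the thread suggests 100 or 1000 */

struct fileid_alloc {
    const char *path;  /* persisted high-water mark (assumed stand-in for TDB) */
    uint64_t next;     /* next id to hand out */
    uint64_t limit;    /* first id not covered by the current reservation */
};

/* Reserve [hwm, hwm + FILEID_BLOCK): the new high-water mark is stored
 * before any id from the block is issued. Returns 0 on success. */
static int fileid_reserve(struct fileid_alloc *a)
{
    uint64_t hwm = 1, new_hwm;  /* start at 1; 0 is the failure value */
    FILE *f = fopen(a->path, "rb");
    if (f == NULL && errno != ENOENT) return -1;  /* unreadable: do not restart at 1 */
    if (f != NULL) {
        size_t n = fread(&hwm, sizeof(hwm), 1, f);
        fclose(f);
        if (n != 1) return -1;                    /* truncated record: fail closed */
    }
    if (hwm > UINT64_MAX - FILEID_BLOCK) return -1;  /* refuse to wrap around */
    new_hwm = hwm + FILEID_BLOCK;
    f = fopen(a->path, "wb");
    if (f == NULL) return -1;
    if (fwrite(&new_hwm, sizeof(new_hwm), 1, f) != 1) { fclose(f); return -1; }
    if (fclose(f) != 0) return -1;
    a->next = hwm;
    a->limit = new_hwm;
    return 0;
}

/* Returns an id that has not been issued before, or 0 on failure. */
uint64_t fileid_next(struct fileid_alloc *a)
{
    if (a->next >= a->limit && fileid_reserve(a) != 0) return 0;
    return a->next++;
}

void fileid_init(struct fileid_alloc *a, const char *path)
{
    a->path = path;
    a->next = a->limit = 0;  /* empty reservation forces one on first use */
}
```

After a restart the unused remainder of the previous block is skipped rather than reissued, so ids stay unique at the cost of gaps.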

