[Samba] IPC$ share accessible with arbitrary usernames/passwords

Andrew Bartlett abartlet at samba.org
Tue Nov 19 20:57:08 GMT 2002


On Wed, 2002-11-20 at 01:45, kirk johnson wrote:
> 
> AB = andrew bartlett
> 
>  AB > Both options are only in Samba 3.0. Run 'testparm', before you
>     > wonder why an option doesn't work.
> 
> ah, now i understand what you meant by "samba HEAD".
> 
>  AB > It's an information leak - an unauthenticated user can find out
>     > a list of all users.  Interestingly, much of this information
>     > can be inferred from other calls that are not controlled by
>     > 'restrict anonymous = 1'.
> 
> okay.
> 
>  AB > Samba 3.0 implements 'restrict anonymous = 1'.  I'm about to add
>     > 'restrict anonymous = 2' support.  (Which locks down all guest
>     > access to IPC$, but breaks lots of things, like PDC and browse
>     > master support).
> 
> so is it fair to say that this "hole" is not completely closed by any
> currently-released versions of samba?

To close this 'hole' will cause significant loss of functionality, on
both NT and Samba, but yes - you cannot fully disable this in a
currently released version of Samba.

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
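As an added illustration of the setting discussed in this thread (example script, not code from the thread or from the Samba project): a small POSIX shell audit that reads the `[global]` section of an smb.conf-style file and reports the effective `restrict anonymous` level, treating an absent option as 0 the way Samba does. The two configuration files are constructed samples written to a temporary directory; the file paths, variable names and verdict wording are this example's own choices.

```shell
#!/bin/sh
# Added example: audit smb.conf for 'restrict anonymous' (constructed samples, not the thread's).
set -u

# Print the effective 'restrict anonymous' level from the [global] section of the
# smb.conf-style file named in $1. Samba treats the option as 0 when it is absent.
# Parameter names are matched case-insensitively and with optional internal spaces,
# which is how Samba itself reads them.
restrict_anonymous_level() {
    awk '
        /^[[:space:]]*[;#]/ { next }                       # skip ; and # comment lines
        /^[[:space:]]*\[/ {                                # section header: track [global]
            in_global = (tolower($0) ~ /\[global\]/); next
        }
        in_global && tolower($0) ~ /^[[:space:]]*restrict[[:space:]]*anonymous[[:space:]]*=/ {
            sub(/^[^=]*=[[:space:]]*/, ""); sub(/[[:space:]]*$/, ""); value = $0
        }
        END { print (value == "" ? "0" : value) }
    ' "$1"
}

# One-line verdict per file, mirroring the levels described in the thread.
# Exit status 1 means anonymous IPC$ sessions can still enumerate users (level 0).
audit_restrict_anonymous() {
    level=$(restrict_anonymous_level "$1")
    case "$level" in
        0) echo "WARN $1: restrict anonymous = 0; anonymous IPC\$ sessions can enumerate users"; return 1 ;;
        1) echo "OK   $1: restrict anonymous = 1; anonymous user enumeration blocked (Samba 3.0 and later)"; return 0 ;;
        2) echo "OK   $1: restrict anonymous = 2; all guest IPC\$ access blocked (expect PDC and browse master breakage)"; return 0 ;;
        *) echo "ERR  $1: unrecognised value '$level'"; return 2 ;;
    esac
}

# Constructed sample configurations (hypothetical workgroup, not a real deployment).
WORK=$(mktemp -d)
WEAK_CONF="$WORK/smb-weak.conf"
FIXED_CONF="$WORK/smb-fixed.conf"

# Weak: the option is missing, so Samba's default of 0 applies.
cat > "$WEAK_CONF" <<'EOF'
[global]
   workgroup = EXAMPLE
   security = user
   ; restrict anonymous is not set here

[homes]
   browseable = no
EOF

# Fixed: the setting discussed in the thread applied.
cat > "$FIXED_CONF" <<'EOF'
[global]
   workgroup = EXAMPLE
   security = user
   Restrict Anonymous = 1

[homes]
   browseable = no
EOF

# Stand-alone run: print a verdict for each sample without aborting on the WARN.
for f in "$WEAK_CONF" "$FIXED_CONF"; do
    audit_restrict_anonymous "$f" || :
done
```

On a real host, run `testparm -s /etc/samba/smb.conf` first (as the thread advises) and point the audit at the file testparm actually loaded, since an include or a typo in the parameter name can silently leave the default in force; the script only reads the text it is given and does not know whether the running smbd is a 3.0 release that honours the option.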