[Samba] PROPOSAL: Remove SWAT in Samba 4.1
Gregory Sloop
gregs at sloop.net
Tue Feb 19 20:24:42 MST 2013
DS> On 02/17/2013 6:02 PM, Andrew Bartlett wrote:
>> As most of you would have noticed, we have now had 3 CVE-nominated
>> security issues for SWAT in the past couple of years.
>>
-SNIP-
>>
>> Therefore, it was suggested on a private list that we just drop SWAT. I
>> want to start a public discussion on that point, prompted by
>> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=700729 which reminds us
>> why we didn't apply the specific CSRF hardening we applied in 4.0.2 to
>> SWAT in the first place.
>>
>> Thanks,
>>
>> Andrew Bartlett
DS> I have yet to make the jump to Samba4, so I have not seen the version of
DS> SWAT designed for it.
DS> For me, the primary benefit of SWAT in Samba3 was the ability to use the
DS> help link for any parameter to see what that parameter did, what the
DS> default was, and what its proper syntax was. For reference, I ran "man
DS> smb.conf". Viewing full screen, I pressed the "Page Down" key 34 times
DS> and was still in the 1st third of the alphabetical listing of
DS> parameters. It's no small wonder that I never used "man smb.conf" to
DS> configure Samba. SWAT was my friend.
DS> So, if Samba4 has anywhere near the number of parameters as Samba3, I
DS> would be greatly disappointed to see SWAT go away entirely. An html
DS> version of the samba-doc package that contained all parameters with
DS> links to their definitions/descriptions would be a welcome and suitable
DS> replacement.
DS> Thanks,
DS> Dale
I'm working through smb.conf options now, and I see that the official
Samba docs for the smb.conf file are v3 only.
I've taken the liberty of cranking the smb.conf man file to html and
I've added a link in the wiki to it.
[I can't post full html to the Wiki and editing the smb.conf html
conversion to "wiki-eese" will be way too time consuming and
cumbersome. So, I've simply put it on my own web-server and linked to
it. My apologies if this violates some commonly accepted protocol, but
I needed it as much as anyone. I'm glad to send the file to whomever
needs it and once it's up at samba.org, change the link to point
there.]
However, for anyone looking for a web version of the smb.conf for
4.0.3 - see this wiki page.
http://wiki.samba.org/index.php/Documentation_Links/samba4-smb.conf
While for format isn't perfect, it's easier to search and navigate
than the man page.
-Greg
More information about the samba
mailing list