[Samba] Samba patches and lack of instructions

Tue Sep 9 08:15:21 MDT 2014

Have been tasked with closing glaring security holes in samba 3.4.0 on an AIX 6.1 host.   Found your page of security patches however the way they are listed on the page is not very good.  The columns and rows are convoluted in the way the information is presented.  In addition to the poor presentation of the security patches there are no instructions on the security patch page on the proper method to install said patches (that is assuming that the proper patch(es) can be picked out of the messy list.  Instructions should contain checks for prerequisites and should assume no prior knowledge of the product, which in going through other documents on your website there are tons of cases of "Assuming Prior Knowledge".  All patch, update, and installation packages need and should have detailed installation instructions included in some form of text file.  Need to have detailed instructions for the proper installation of the patch(es)

We are not in position to move to a later Samba release as there are no newer Samba binaries available, and come to find that Samba's link to "any" AIX binaries is dead and goes no where.  The customer does not possess the programming compilers in order to attempt to build a new Samba from source.  So we are stuck with attempting to patch what they have.

One has to remember that most of us that have to deal with  products such as Samba come into the situation long after the product has been installed, customized countless times by numerous admins that have come and gone leaving behind no documentation of their far less than expert programming skills, and now it is broken or needs fixed in some fashion.  Samba's brass assumptions of Prior Knowledge leave those of us tasked with fixing the product in very poor positions.

Regards

Steven Palser
Senior Technical Support Representative
Harland Technology Services
Steve.Palser at harlandts.com
800.228.3628
402.697.3000
www.harlandts.com

CONFIDENTIALITY NOTICE: The information contained in this message is intended only for the recipient and may contain information that is confidential. If you are not the intended recipient or an employee or agent responsible for delivering this message to the intended recipient; please be aware that any dissemination, forwarding, printing, copying, disclosure or distribution of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by replying to the message and deleting all copies, including attachments, from your system.