[Samba] Samba patches and lack of instructions

Rowland Penny rowlandpenny at googlemail.com
Wed Sep 17 08:50:54 MDT 2014

On 09/09/14 15:15, Steve.Palser at harlandts.com wrote:
> Have been tasked with closing glaring security holes in samba 3.4.0 on an AIX 6.1 host.   Found your page of security patches however the way they are listed on the page is not very good.  The columns and rows are convoluted in the way the information is presented.  In addition to the poor presentation of the security patches there are no instructions on the security patch page on the proper method to install said patches (that is assuming that the proper patch(es) can be picked out of the messy list.  Instructions should contain checks for prerequisites and should assume no prior knowledge of the product, which in going through other documents on your website there are tons of cases of "Assuming Prior Knowledge".  All patch, update, and installation packages need and should have detailed installation instructions included in some form of text file.  Need to have detailed instructions for the proper installation of the patch(es)
> We are not in position to move to a later Samba release as there are no newer Samba binaries available, and come to find that Samba's link to "any" AIX binaries is dead and goes no where.  The customer does not possess the programming compilers in order to attempt to build a new Samba from source.  So we are stuck with attempting to patch what they have.
> One has to remember that most of us that have to deal with  products such as Samba come into the situation long after the product has been installed, customized countless times by numerous admins that have come and gone leaving behind no documentation of their far less than expert programming skills, and now it is broken or needs fixed in some fashion.  Samba's brass assumptions of Prior Knowledge leave those of us tasked with fixing the product in very poor positions.
> Regards
> Steven Palser
> Senior Technical Support Representative
> Harland Technology Services
> Steve.Palser at harlandts.com
> 800.228.3628
> 402.697.3000
> www.harlandts.com

WOW, in the first place, this is a community support mailing list and 
coming on here bitching like you have, is not conducive to getting help, 
especially as a quick google would have found you this:


You complained that your customer don't have the compiler to build samba 
from source, just what did you think that you would do with the patches?

> CONFIDENTIALITY NOTICE: The information contained in this message is intended only for the recipient and may contain information that is confidential. If you are not the intended recipient or an employee or agent responsible for delivering this message to the intended recipient; please be aware that any dissemination, forwarding, printing, copying, disclosure or distribution of this communication is strictly prohibited. If you have received this communication in error, please immediately notify the sender by replying to the message and deleting all copies, including attachments, from your system.

More information about the samba mailing list