[Samba] Low performance when using "server signing" = "mandatory"
adam.blaszczykowski at gmail.com
Mon Oct 23 10:02:20 UTC 2023
Ok thank you.
So, Is my file server with Samba 4.17.12 vulnerable to CVE-2016-2114 if it
is not a DC server?
To be clear, I don't use any Active Directory domain controller in my
pon., 23 paź 2023 o 10:20 Rowland Penny via samba <samba at lists.samba.org>
> On Mon, 23 Oct 2023 09:54:47 +0200
> Adam Błaszczykowski via samba <samba at lists.samba.org> wrote:
> > Hello,
> > I have updated my system to Debian 12 with Samba 4.17.12, but the
> > problem with performance still exist.
> > On the Samba page there is a note in the CVE-2016-2114 description:
> > "Note that the default for server roles other than active directory
> > domain controller, is "off" because of performance reasons."
> > https://www.samba.org/samba/security/CVE-2016-2114.html
> > Does it mean that using "server signing = required" for file server
> > with "server role = standalone" doesn't increase security and only
> > cause problems with performance ?
> No, what it is saying is, from my understanding, that it is set to off
> by default on everything but a DC because of the very problem you are
> suffering, whilst you get better security, it just slows everything
> Also, I have never understood why anyone would run a standalone server
> in a domain, you lose everything a domain gives you.
> To unsubscribe from this list go to the following URL and read the
> instructions: https://lists.samba.org/mailman/options/samba
More information about the samba