[PROPOSAL] Remove password level (or all plaintext passwords?) for 4.1
Simo
idra at samba.org
Mon May 27 06:30:30 MDT 2013
On 05/27/2013 08:12 AM, Simo wrote:
> On 05/27/2013 07:55 AM, Andrew Bartlett wrote:
>> On Mon, 2013-05-27 at 07:39 -0400, yaberger at ca.ibm.com wrote:
>>> Hi Andrew,
>>>
>>> Here is a first list of clients that are using our Samba file service.
>>> There will be a few more under "Other network devices" that I'll
>>> send in
>>> another email once I'll have received it.
>>> I should also know which DOS flavor/version is being used in the
>>> upcoming
>>> days.
>> Thanks. How much are you able to test in this environment?
>>
>> If I gave you a patch that removed 'password level' and with it the
>> password cracker (upper/lower case transition), could you verify if it
>> still works well enough for your clients?
>>
>> The code is ugly, but it is very much contained and I don't need to
>> remove it in the face of an active user participating on the mailing
>> list, because if we break it, we know you will be able to work with us
>> promptly.
>
> Why should you remove them ?
>
> -1 from me unless there is an extremely good reason.
Sorry, nvm this -1, 't was a barin fart.
I read 'password checker' instead of password cracker, and I thought it
extended to remove things like check password script.
If this is limited to lanman backwards compatibility I am not so strong
on a -1, but then we should officially drop support for all DOS/Lanman
features. It's no use to keep around any other feature if old DOS
clients simply can't log in.
Ie still a mild -1 to the approach, but not to the general idea of
dropping DOS support wholesale of that's the intent.
Simo.
More information about the samba-technical
mailing list