[prev in list] [next in list] [prev in thread] [next in thread]
List: best-of-security
Subject: BoS: microsoft maligns samba
From: Julian Assange <proff () suburbia ! net>
Date: 1995-10-23 8:08:28
[Download RAW message or body]
Date: Sat, 21 Oct 1995 09:39:30 -0500
From: tim@datapage.com (Tim Rand)
To: samba@anu.edu.au
Cc: Andrew.Tridgell@anu.edu.au
Subject: Microsoft Maligns Samba
Message-ID: <v02130500acaeb3b51aba@[192.9.200.90]>
I just received a message from Microsoft <WinNews@microsoft.com> titled:
> Microsoft(R) WinNews Electronic Newsletter
> Special Issue, October 20, 1995
that contained the following:
>File and Printer Sharing for Microsoft Networks (not MSN:
> The Microsoft Network online service)
>
>Microsoft is also issuing an update for a known problem
>with File and Printer Sharing for Microsoft Networks and a
>certain UNIX shareware network client (Samba's SMBCLIENT).
>The update corrects a problem with share-level security
>documented in the Microsoft Knowledge Base on October 9th.
>The update also includes a correction for a similar problem
>with user-level security that Microsoft recently discovered
>as part of its internal testing of the new driver.
>
>Customers whose environments meet all of the conditions
>below, may have their data susceptible to network or
>Internet hackers:
>
> 1. They configure their machine to share files and
> printers with other users on the network using File
> and Printer Sharing for Microsoft Networks (This
> option is not turned on by default)
>
> 2. They share a LAN, Internet, or Dial-Up connection
> with a UNIX-based computer running Samba's
> SMBCLIENT software
>
> 3. The network administrator does not disable peer
> services using System Policies
>
>The Samba SMB client allows its users to send illegal
>networking commands over the network. The Samba client is
>the only known SMB client at this time that does not filter
>out such illegal commands. SMBCLIENT users do not
>automatically have access to the Windows 95 drive, and
>must know the exact steps to send these illegal commands.
>
>The updated driver prevents these illegal commands from
>being executed, preventing SMBCLIENT users from accessing
>the drive on which sharing is enabled. With the updated
>driver, the SMBCLIENT user will only have access to those
>shared folders that the Windows 95 user has designated.
I find it unreasonable that Microsoft says that SMB Client allows users to
send "illegal networking commands over the network."
Andrew, I urge you to find a politically correct way to tell Microsoft that
they are wrong here stating that Samba alone allows this. My view is that
Samba is not doing anything that any other programmer out there in the
world could not do as well. This is a security hole on the workstation
side. Perhaps Samba might have 'shown the way,' but Samba isn't the
problem.
Also, note that they say that they noticed a "similar problem with
user-level security that Microsoft recently discovered as part of its
internal testing of the new driver." Yet, they fail to elaborate on that
as much as they do on the Samba topic.
As an early adopter of Samba and a true believer in what Andrew is doing, I
am willing to stand up and stand behind Samba. Good work Andrew... Don't
let the big boys get you down. True innovation occurs in places other than
Redmond!
"Freedom comes not from doing what we want, but rather doing what we
ought." John Paul II
+---------------------------------------------------------------+
Tim Rand Datapage Technologies tim@datapage.com
St. Peters, MO or tim@michelob.wustl.edu
+1 314 278-8888 +1 314 278-2180 (fax)
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic