[Pkg-samba-maint] home shares enabled by default?
Christian Perrier
bubulle at debian.org
Wed Dec 5 04:58:03 UTC 2007
Quoting Steve Langasek (vorlon at debian.org):
> In https://launchpad.net/bugs/27608, security is one of the issues
> contributing to Ubuntu disabling [homes] by default, but there are others.
I don't really see that bug as a security issue, but more confusion
induced by the homes share being enabled and the user creating another
share with his login name as share name.
> I think the first issue should be regarded as a bug in Samba regardless and
> should be fixed; the only sensible precedence order is for
> statically-defined shares in smb.conf to take precedence over autoshares.
> (net usershares are another matter...)
I suspêct some hot discussion with upstream here. That practice is
long-established one so all experienced samba admins know about this.
> But what about the second point? I've always thought it useful to share
> homedirs by default, but I can appreciate that some people disagree; among
> other things it provides a method for a remote attacker to verify account
> names on the system (NT_STATUS_ACCESS_DENIED vs.
> NT_STATUS_BAD_NETWORK_NAME), and it may be that users don't really want
> their home directory shared by default over CIFS even when successful
> password authentication as the user is required.
There's a point, here. I don't really see it as engouh worrying for us
to disable the homes share, mostly because noone really serious is
using CIFS-based networks in exposed environments (read outside
corporate networks). Of course, even inside protected networks, some
attackers may try guessing the usernames, but I see this as low risk
when compared to the disadvantage of diverging from upstream behaviour.
>
> Would it be appropriate to comment out the [homes] shares to match the
> Windows default behavior, or do you guys think that the Samba upstream
> behavior is correct?
Well, given that "home" directories for Windows users are quite a
different concept and, indeed, most of them being network shares in
corporate environements (to allow roaming), I think that this argument
has low weight.
I'm not really keen to change the default and no longer share home
directories as long as upstream still shares them by default.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.alioth.debian.org/pipermail/pkg-samba-maint/attachments/20071205/4036c143/attachment.pgp
More information about the Pkg-samba-maint
mailing list