Announcement

Collapse
No announcement yet.

Samba 4.11 Aims To Be Scalable To 100,000+ Users

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • #41
    Originally posted by schmidtbag View Post
    "how do I run ____ as root?"
    su -c ____

    Well that was simple enough to answer

    Comment


    • #42
      Originally posted by skeevy420 View Post
      su -c ____

      Well that was simple enough to answer
      Haha I was actually referring to programs that deny root access, but yeah, I probably should've been more clear about that. Touche.

      Comment


      • #43
        Originally posted by schmidtbag View Post
        Mind explaining why it's so bad when it's obviously a niche case? What's your solution to getting XP support?
        FTP shares (either read-only or encrypted) using a third party application/client. SMB1 is bad, real bad.

        Besides, a lot of workstations ship with it disabled, and/or Win10 disables it at random on PCs.

        Comment


        • #44
          Over the last three years Samba has become so "secure" that it can't be used anymore.

          But heck, if you can't connect to anything I guess that is indeed the ultimate in security

          In any case it's been interesting reading through all of these comments about it. No matter what side of these issues one may be on, I think most will agree that Samba is now so difficult to configure that it's well outside the range of the average, or even above average, users capabilities.

          Heck, I'm an embedded systems designer with almost four decades of experience and I finally just gave up about eight months ago. I actually went out and bought a 2TB SSD one day to transfer data between my Linux and Windows systems, and haven't looked back since. I just couldn't afford to spend any more man months on it. Especially after finally realizing that even if I got it working one day, it was going to break again within the next few months.

          And yes, I tried almost every "solution" mentioned here.

          In any case, I can only imagine that with such a major new release coming things are going to get much, much, worse before they get better.

          Comment


          • #45
            Originally posted by muncrief View Post
            In any case it's been interesting reading through all of these comments about it. No matter what side of these issues one may be on, I think most will agree that Samba is now so difficult to configure that it's well outside the range of the average, or even above average, users capabilities.
            I've been using SFTP for a long while because I couldn't be fucking bothered to set up all the stuff needed to keep Windows happy (i.e. netbios/WMD/whatever plus all the nonsense in Samba config files), also because Samba would run like garbage on my embedded devices.

            Of course I needed a third party application for Windows because its native ftp client is stuck in the 80s https://www.nsoftware.com/sftp/netdrive/
            Last edited by starshipeleven; 08 July 2019, 03:21 AM.

            Comment


            • #46
              Originally posted by schmidtbag View Post
              And is that a surprise to you, considering how little you elaborate?

              wtf? You say that as though removing a password on root doesn't sit within that threshold? Nobody uses SMB1 anymore except for a few odd cases that nobody is looking out for. It's not as critical as you're making it out to be. Meanwhile, removing a root password is far more dangerous than an outdated obscure file-sharing protocol.

              That's exactly my point. How dense are you? It's assumed that the insecurities involved are bad enough that nobody would want to enable SMB1 unless they knew what they were about to get involved in. So, your reason for not having to explain is also the same reason why your comment was useless and unnecessary.
              Ok, enough with the attacks, they are not civil - you might be frustrated, but trying to insult people does not win you an argument - even on the Internet - you are being an ass.

              SMB1 is far from something that is not looked for you may wanna check out https://en.wikipedia.org/wiki/EternalBlue

              Not having a root password is not as much of a problem (for most unix's who do the sane thing and disable root SSH access) as the only way to exploit it is to have code exec on the box. If this is on a personal box/network - You get to break it and keep all the pieces. Yes, insecure passwords are a fun thing in an exploit *chain*.

              Doing something that silly on a prod network should get you a written warning.

              SMB1 is RCE (remote code exec) on windows all by itself.

              That is why it is bad.

              And the reason why it is still active is that people still insist on using it.

              Comment


              • #47
                Originally posted by muncrief View Post
                In any case it's been interesting reading through all of these comments about it. No matter what side of these issues one may be on, I think most will agree that Samba is now so difficult to configure that it's well outside the range of the average, or even above average, users capabilities.
                It is pretty straight forward and well documented in the Samba Wiki:

                https://wiki.samba.org/index.php/Set...ndalone_Server

                Comment


                • #48
                  Originally posted by boxie View Post
                  SMB1 is far from something that is not looked for you may wanna check out https://en.wikipedia.org/wiki/EternalBlue
                  It's required by many embedded NAS boxes that will not really be replaced any time soon (because they ship some ancient Samba + ancient Linux firmware) in small businness environments.

                  I've enabled FTP on sooo many of these devices to fix the "issues" people were having in connecting to it from Windows 10 and newer workstations where it seems SMB1 was disabled by default.

                  Comment


                  • #49
                    Originally posted by boxie View Post
                    Ok, enough with the attacks, they are not civil - you might be frustrated, but trying to insult people does not win you an argument - even on the Internet - you are being an ass.
                    Again, maybe if you spent more time thinking about your response, we wouldn't be here right now. I don't take the aggressive side until someone's behavior is unjustified. And for the record, there is not a direct correlation between correctness and justification.
                    Doing something that silly on a prod network should get you a written warning.
                    I would argue getting fired is warranted, but to each their own.
                    SMB1 is RCE (remote code exec) on windows all by itself.

                    That is why it is bad.

                    And the reason why it is still active is that people still insist on using it.
                    I didn't say it wasn't bad. I know it's bad. If people insist on using it, they either know what they're doing or must suffer the consequences of not choosing a more ideal solution (such as a different OS or FTP). But again, that's obvious. If someone asks a question, I plan to answer it as-is. If I sense they're about to do something really irresponsible, I'll also tell them to reconsider their actions, but most people on Phoronix aren't dumb enough to use SMB1 on something important.
                    Last edited by schmidtbag; 08 July 2019, 08:50 AM.

                    Comment


                    • #50
                      Originally posted by schmidtbag View Post
                      Again, maybe if you spent more time thinking about your response, we wouldn't be here right now. I don't take the aggressive side until someone's behavior is unjustified. And for the record, there is not a direct correlation between correctness and justification.
                      I did, my immediate reaction was "DON'T USE SMB1" - and I am not wrong

                      Originally posted by schmidtbag View Post
                      I would argue getting fired is warranted, but to each their own.
                      Not sure what part of the world you live in, but here down under we have labour laws that prevent outright firing of people unless it is super bad and/or illegal

                      Originally posted by schmidtbag View Post
                      I didn't say it wasn't bad. I know it's bad. If people insist on using it, they either know what they're doing or must suffer the consequences of not choosing a more ideal solution (such as a different OS or FTP). But again, that's obvious. If someone asks a question, I plan to answer it as-is. If I sense they're about to do something really irresponsible, I'll also tell them to reconsider their actions, but most people on Phoronix aren't dumb enough to use SMB1 on something important.
                      Let's assume that unknown unknowns exist for minute. a contrived example might be that people do not know that the dark room they are stumbling into is full of knives. In my contrived little scenario here - you have answered the persons quesion of "how do I find the exit" with "find the exit by following the walls" and I have yelled out "the walls are made of sharp pointy glass".

                      if the person is indeed smart, then they might figure to avoid the sharp hurty bits.

                      Comment

                      Working...
                      X