From: Andrew Bartlett <abartlet-eUNUBHrolfbYtjvyW6yDsg@public.gmane.org>
To: "L. A. Walsh" <linux-cifs-gT3AUAsYRbTYtjvyW6yDsg@public.gmane.org>, Thorsten Leemhuis <linux-rCxcAJFjeRkk+I/owrrOrA@public.gmane.org>
Cc: linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org
Subject: Re: RFC: Revert move default dialect from CIFS to to SMB3"
Date: Fri, 01 Sep 2017 15:11:59 +1200
Message-ID: <1504235519.8023.87.camel@samba.org>
In-Reply-To: <59A8A3E2.40804-gT3AUAsYRbTYtjvyW6yDsg@public.gmane.org>
On Thu, 2017-08-31 at 17:03 -0700, L. A. Walsh wrote:
> Thorsten Leemhuis wrote:
> > This reverts commit eef914a9eb5eb83e60eb498315a491cd1edc13a1
> > ([SMB3] Improve security, move default dialect to SMB3 from old CIFS),
> > as it confuses users: https://bugzilla.kernel.org/show_bug.cgi?id=196599
> >
> > It was a patch to improve security by switching to SMB3 by default and
> > support SMB1 (aka CIFS) only when explicitly requested, as the latter
> > is not considered secure anymore (see below for details). This is one of
> > the rare cases where regressions are unavoidable and accepted in Linux.
> >
>
> ----
> Why not SMB2.1? Win7 is still in support and getting security updates.
> MS has not issued any updates for Win7 upgrading it to SMB3.0 for any
> reason (that I'm aware of) -- including security.
>
> If there were security problems in Win7 w/SMB2.1, wouldn't MS
> issue patches -- as they did for WinXP just recently for a severe
> SMB1 bug?
To be clear, the issue with SMB1 is lack of integrity protection, in
particular on the negotiation, where a client may come to think it had
to use NTLM(v2) to talk to the server.
The only protection available on SMB1 is 'smb signing', which is after
the negotiation of the authentication protocols etc.
> Seems like if they are willing to patch "out of support" XP for
> a serious problem, then they would be more likely to patch Win7 for
> lesser problems.
>
> Seems like jumping the default to MS's latest and greatest puts
> linux on MS's OS-release schedule -- especially when they haven't declared
> SMB2.1 as "bad"... From what I understand, most of the new security
> features in 3.0 went into SMB2.1 or 2.0.
Sadly 'most' turned out not to be good enough to actually secure the
negotiation, which is the main weakness. If a change is to be made, I
think it should move up to SMB3.
In terms of Windows versions, Windows 2012R2 is quite popular these
days, even if Windows 8.1 still wasn't a great hit.
Finally, I do agree that the move from SMB1 is partly on the basis of a
false premise. It appears that Microsoft's recent declaration of SMB1
as 'bad' is as much on the basis of coding flaws in their own SMB1
implementation as the lack of protection. It is hoped that more modern
code might have fewer buffer-overflow-style security flaws compared with
the 25-year-old stuff.
Both however are good reasons to move off the SMB1 protocol towards
SMB3 on the server, and this is easiest and safest to do once the
clients also move to SMB3 by default.
Andrew Bartlett
--
Andrew Bartlett
https://samba.org/~abartlet/
Authentication Developer, Samba Team https://samba.org
Samba Development and Support, Catalyst IT
https://catalyst.net.nz/services/samba
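The message above makes one technical point: SMB signing is negotiated *after* the dialect and authentication negotiation, so it cannot protect that negotiation, whereas SMB3 can. The following is an added toy model of that argument, not code from this thread, from Samba or from the kernel cifs client. It goes slightly beyond the message by modelling the mechanism SMB 3.1.1 uses for this (pre-authentication integrity: a SHA-512 hash chained over the negotiation messages and bound into the signing-key derivation). All message strings, the session key and the KDF label are constructed and do not match the SMB wire format; the point is only that a signing key bound to the negotiation transcript diverges on the two sides when an on-path party rewrites the negotiation, so the first signed request fails verification, while an unbound key (the SMB1 situation) verifies fine and the downgrade goes unnoticed.

```python
"""Toy model: signing keys bound vs. not bound to the negotiation transcript.

Added example, not code from the mailing-list thread, Samba or the kernel
cifs client. Message formats, session key and KDF label are constructed.
"""
import hashlib
import hmac


def transcript_hash(messages):
    """Chain the negotiation messages into one SHA-512 digest.

    h_0 is 64 zero bytes and h_i = SHA-512(h_{i-1} || message_i), so a change
    to any message, or to their order, changes the final value. This mirrors
    the shape of SMB 3.1.1 pre-authentication integrity (simplified).
    """
    digest = b"\x00" * 64
    for message in messages:
        digest = hashlib.sha512(digest + message).digest()
    return digest


def derive_signing_key(session_key, context):
    """Derive a signing key from the session key obtained by authentication.

    A plain HMAC-based KDF stands in for the real protocol's KDF. When
    `context` is the transcript hash, the key is bound to what each side
    believes was negotiated; an empty context models SMB1-style signing,
    where the key depends only on the authentication exchange.
    """
    label = b"signing-key-label"  # constructed label, not a real SMB constant
    return hmac.new(session_key, label + context, hashlib.sha256).digest()


def sign(signing_key, message):
    """Sign a post-negotiation message with HMAC-SHA256 (stand-in MAC)."""
    return hmac.new(signing_key, message, hashlib.sha256).digest()


def run_session(bind_transcript, tamper):
    """Simulate negotiate -> authenticate -> first signed request.

    Returns True if the server accepts the client's signature on the first
    post-negotiation request, i.e. the session proceeds.
    """
    # Constructed: stands in for the key both sides derive during authentication.
    session_key = b"\x11" * 16

    client_offer = b"NEGOTIATE dialects=2.0.2,2.1,3.0,3.1.1"
    server_reply = b"NEGOTIATE_RSP dialect=3.1.1 signing=required"
    # With tamper=True an on-path party rewrites the reply before it reaches
    # the client; the server still remembers what it actually sent.
    client_sees = (b"NEGOTIATE_RSP dialect=2.0.2 signing=optional"
                   if tamper else server_reply)

    client_ctx = transcript_hash([client_offer, client_sees]) if bind_transcript else b""
    server_ctx = transcript_hash([client_offer, server_reply]) if bind_transcript else b""

    client_key = derive_signing_key(session_key, client_ctx)
    server_key = derive_signing_key(session_key, server_ctx)

    first_request = b"TREE_CONNECT \\\\server\\share"
    client_sig = sign(client_key, first_request)
    # The server recomputes the MAC with its own key; a mismatch means the two
    # sides disagree about the negotiation and the session is rejected.
    return hmac.compare_digest(client_sig, sign(server_key, first_request))


if __name__ == "__main__":
    for bind in (False, True):
        for tamper in (False, True):
            outcome = "accepted" if run_session(bind, tamper) else "rejected"
            print(f"transcript-bound={bind!s:5} tampered={tamper!s:5} -> {outcome}")
```

Run stand-alone it prints four lines: without transcript binding the tampered negotiation is accepted exactly like the clean one, with binding the clean session is accepted and the tampered one rejected. The detection relies only on the two sides having hashed different bytes; nothing about the chosen dialect is trusted until the first signed message confirms both sides saw the same negotiation.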