From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1EOKPe-0003gZ-R3 for qemu-devel@nongnu.org; Sat, 08 Oct 2005 15:31:18 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1EOKPd-0003g2-6M for qemu-devel@nongnu.org; Sat, 08 Oct 2005 15:31:18 -0400 Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1EOKPd-0003fx-0C for qemu-devel@nongnu.org; Sat, 08 Oct 2005 15:31:17 -0400 Received: from [206.46.252.42] (helo=vms042pub.verizon.net) by monty-python.gnu.org with esmtp (Exim 4.34) id 1EOKPd-0001W5-1p for qemu-devel@nongnu.org; Sat, 08 Oct 2005 15:31:17 -0400 Received: from [192.168.0.100] ([141.154.226.153]) by vms042.mailsrvcs.net (Sun Java System Messaging Server 6.2 HotFix 0.04 (built Dec 24 2004)) with ESMTPA id <0IO200LRQ3K2VMV0@vms042.mailsrvcs.net> for qemu-devel@nongnu.org; Sat, 08 Oct 2005 14:31:15 -0500 (CDT) Date: Sat, 08 Oct 2005 15:30:36 -0400 From: John Coiner Message-id: <43481E5C.5050308@stanfordalumni.org> MIME-version: 1.0 Content-type: text/plain; charset=us-ascii; format=flowed Content-transfer-encoding: 7bit Subject: [Qemu-devel] [patch] make '-smb $HOME' work Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org The most common use case for the '-smb' option may be '-smb $HOME'. There is a problem with this case: Windows attempts to connect as user "nobody". Smbd allows the connection -- unfortunately, it also maps the "nobody" accesses to the host's "nobody" account, so all write accesses fail. How are people using '-smb'? Am I the only person that runs into this? One lame workaround is to point '-smb' at an area on /tmp that everybody, including "nobody", has access to. The problem happens with a Windows 2000 guest, and maybe other NT derivatives. This patch sets up smbd to only allow "guest" access from Windows, and no other access. (I suspect and hope that smbd can coax any version of Windows into doing a "guest" access, by rejecting everything else. This is only tested with Win2K.) When smbd receives a guest access, it maps that onto the account of the same user who is running qemu. This fixes the common, personal use, '-smb $HOME' case. For more complicated cases, for example if you don't trust the guest, you may want to craft your own 'smb.conf' rather than relying on '-smb'. From a security standpoint, the patched '-smb' has no authentication to break, and it constrains smb access to a single user on the host. So while the gates are wide open to whatever directory you share, you at least know what you're getting. -- John --- qemu-0.7.2-dmapatch/vl.c 2005-09-04 13:11:31.000000000 -0400 +++ qemu-0.7.2-broken/vl.c 2005-10-08 14:41:55.000000000 -0400 @@ -29,6 +29,8 @@ #include #include #include +#include +#include #ifndef _WIN32 #include @@ -1605,15 +1607,17 @@ "log file=%s/log.smbd\n" "smb passwd file=%s/smbpasswd\n" "security = share\n" + "guest account=%s\n" "[qemu]\n" "path=%s\n" "read only=no\n" - "guest ok=yes\n", + "guest only=yes\n", smb_dir, smb_dir, smb_dir, smb_dir, smb_dir, + getpwuid( geteuid( ) )->pw_name, exported_dir ); fclose(f);