Linked by Thom Holwerda on Sat 26th Mar 2011 02:00 UTC
Mac OS X When you run smbd -V on your Snow Leopard installation, you'll see it's running SAMBA version 3.0.28a-apple. While I'm not sure how much difference the "-apple" makes, version 3.0.28a is old. Very old. In other words, it's riddled with bugs. Apple hasn't updated SAMBA in 3 years, and for Lion, they're dumping it altogether for something homegrown. The reason? SAMBA is now GPLv3.
Permalink for comment 468199
To read all comments associated with this story, please click here.
Member since:

Ok, so you claim that Samba v4 is fully Windows compatible, just like CIFS. And you talk about NTVFS. And say that my link was about security issues.

In my link, someone from the Samba team wrote:
"Solaris could expand on this by giving us access to atomic NT-ACL create, NTFS stream support, the ability to push SID credentials into the system from winbindd and attach to a process etc. We already support case-insensitive filesystems of course."

Sorry to say person you pulled up. Is not samba main team. Is in fact Solaris. Not Samba. Solaris does in fact have its own implementation alterations.

Don't try bluffing you way past me again please. You pulled up some random document that is basically by the wrong people.

Are these also security issues? Where can I read more about NTVFS?

NTVFS is where most of that stuff is implemented in Samba 4. Define of secuirty issues. NTVFS corrects the permissions processing issues that windows programs expect.

Prior still fully obeyed posix and Linux permissions that caught a few windows applications out normally causing them to crash when using a samba share. Their are a stack of options in samba 3 to alter responses to applications work. Of course being strictly posix would not been a issue if MS was not pushing NTFS expectations over the wire.

Support for DOS attributes (archive, hidden, read-only and system)
Case-insensitive file name operations.
There are three modes: case-sensitive, case-insensitive and mixed.
Support for ubiquitous cross-protocol file sharing through an option to ensure UTF8-only name encoding.
Atomic ACL-on-create semantics.
Enhanced ACL support for compatibility with Windows.

All this stuff directly relates to NTFS emulation. This shows the major difference between samba 3 and samba 4. Major internal redesign ntvfs is one of the core parts of the redesign.

SID handling from Winbindd and ntvfs are both plugins.

All the solaris guy is talking about really is one of many ways todo it.

CIFS has been fully windows compatible with windows as long as Windows applications have not been expecting NTFS drives on the other end all the way through Samba 3. There are samba 3 flags to give applications what the expect.

None of these things data secuirty issues. More likely to be a issue of secuirty blocking applications from running.

Please be aware the first implementation of SMB by IBM only knows posix permissions and posix acls. Have complete no idea about NT-ACL at all. Yes directly setting posix-acls is supported over the wire using SMBv1. Will be reinstated in SMBv2 as well.

Reply Parent Score: 3