| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sat, 5 May 2007 08:03:03 -0400 From: Jeff Layton <jlayton@...chiereds.net> To: Shirish S Pargaonkar <shirishp@...ibm.com> Cc: smfltc@...ux.vnet.ibm.com, hch@...radead.org, linux-cifs-client-bounces+shirishp=us.ibm.com@...ts.samba.org, Jeff Layton <jlayton@...hat.com>, linux-cifs-client@...ts.samba.org, samba-technical@...ts.samba.org, linux-kernel <linux-kernel@...r.kernel.org> Subject: Re: [linux-cifs-client] Re: [PATCH] CIFS: make sec=none force an anonymous mount On Sat, May 05, 2007 at 05:41:35AM -0500, Shirish S Pargaonkar wrote: > > When a session setup request is sent as an anonymous user (NUL user), > should/could there be > password associated with that? > Right now, sec=none option, will prompt you for a password. We should probably turn off password prompting if sec=none is specified. > And when we add code to retry session setup as anonymous user if the first > session setup request > fails, should that retry request be sent with the password or without > password? > > When smbfs sends requests as an anonymous user, it does not send a password > along with it. > I'd say we'd want to avoid sending along the password in any situation where it wasn't really needed. -- Jeff - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists