lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <5E448B29.1080705@tlinx.org>
Date:   Wed, 12 Feb 2020 15:32:57 -0800
From:   L Walsh <cifs@...nx.org>
To:     Steve French <smfrench@...il.com>
CC:     CIFS <linux-cifs@...r.kernel.org>,
        Linux-Kernel <linux-kernel@...r.kernel.org>
Subject: Re: [CIFS][PATCH] Add SMB3/Win10-only  Change Notify

On 2020/02/10 06:30, Steve French wrote:
>
>>     By calling it a SMB3 feature, does that mean you are removing
>> it from SMB2?
>>     
>
> That is a good question.  I should have made more clear that although
> many servers support Change Notify prior to SMB3 dialect, we chose
> to implement it in SMB3 (late 2012 and later dialect) to minimize testing
> risks and since we want to encourage users to use SMB3 or later (or
> at least SMB2.1 or later since security is significantly better for later
> dialects than for SMB1 and even SMB2)
>   
----
    SMB2.1 would be fine for my purposes, I find it a bit odd though that
my linux server running these changes won't be as capable of detecting
directory changes as an outdated Win7 machine. 

    There are many below-SMB3 speaking devices out in the world right now. 
Probably many below 2.1. 

    You say you want to "encourage users to use SMB3 or later (or at least
SMB2.1)", how does adding SMB3-only support allow users to use SMB2.1?
Say your encouragement of users is taken to heart, and they want to use 
SMB3.
How would those users upgrade the dialect of SMB used in their
machine or device?  I don't know of any easy way to upgrade existing 
devices -
even existing OS's, if a user ran Win7, how would they upgrade the CIFS
drivers to 3.0?

    If it is not possible to upgrade existing devices, then wouldn't that
encouragement boil down to junking the device and buying a new one?
> Change Notify is available in all dialects (SMB2, SMB2.1, SMB3, SMB3.1.1)
> for many servers but for the client we just implemented it for SMB3 and later.
>   
    Doesn't that mean that the linux client won't be able to access 
existing
NAS servers or Win-Client machine running anything other than Win10?  Does
the current version of samba provide full SMB3 support?  If not, doesn't 
that
imply that the client for CIFS won't be able to access or use these features
from another linux server?
> If you have a server that you want to support that requires
> SMB2 or SMB2.1 mounts, I wouldn't mind a patch to add notify support
> for those older dialects but I would like to encourage use of SMB3 or later (or
> at least SMB2.1 or later) where possible.
>   
    Again, how does implementing SMB3-only, only support SMB2.1 or later?

    If you feel it would be trivial to add such a patch, wouldn't you be in
the position of, probably, having the most knowledge about the subject 
and be
likely to do the best job without breaking anything else?  Certainly doesn't
mean someone else couldn't but seems riskier than offering a Linux 
client that
would be able to access the widest range of existing devices and 
computers from
the start.

Thanks!
Linda

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ