Re: Passthrough security fix.

Luke Kenneth Casson Leighton (lkcl@regent.push.net)
Tue, 21 Apr 1998 02:03:46 +0000 (GMT)

Date:	Tue, 21 Apr 1998 02:03:46 +0000 (GMT)
From:	Luke Kenneth Casson Leighton <lkcl@regent.push.net>
To:	Jeremy Allison <jallison@whistle.com>
Subject: Re: Passthrough security fix.
In-Reply-To: <353BEE06.3B54AFBF@whistle.com>

hi jeremy,

this reminds me of having seen an anon IPC$ connection, if rejected by the
server, be followed up with a non-anonymous, proper user/password/domain
validated IPC$ connection.

On Tue, 21 Apr 1998, Jeremy Allison wrote:

> Hi all,
>
> I was chatting with Roger Binns (author of
> VisionFS, he's out in Santa Cruz at the moment so
> we got to exchange CIFS gossip :-), and he came
> out with a wonderful solution to the NT bug that
> means NT Server doesn't set the guest bit when
> logging on a user in pass-through security.
>
> They send the sessionsetup request *twice* - once
> with the correct password, and once with a password
> of random garbage. If both are accepted then the
> user was guest, if the first was accepted and
> the second rejected then the user was non-guest.
>
> Simple, elegant and works with all broken versions
> of NT. Can anyone see any disadvantages?
>
> Cheers,
>
> Jeremy.
>
> --
> --------------------------------------------------------
> Buying an operating system without source is like buying
> a self-assembly Space Shuttle with no instructions.
> --------------------------------------------------------
>
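
The double session setup described in the quoted message, sketched as an added example (not code from this thread, Samba, or VisionFS). The `session_setup` callable, the `Verdict` names, and `FakePasswordServer` are hypothetical; the fake server is a constructed model that assumes the buggy NT server accepts unknown users as guest without flagging them.

```python
import secrets
from enum import Enum

class Verdict(Enum):
    REJECTED = "rejected"   # real password refused: no session at all
    GUEST = "guest"         # server accepted garbage too: guest logon
    USER = "user"           # only the real password was accepted

def classify_logon(session_setup, user, password):
    """Send the session setup twice and compare the outcomes.

    session_setup(user, password) -> bool is a hypothetical callable that
    forwards one session setup to the password server. The guest bit in
    the reply is not consulted, since the affected servers do not set it.
    """
    if not session_setup(user, password):
        return Verdict.REJECTED
    # Second attempt uses random garbage; regenerate if it collides
    # with the real password so the probe is never a valid credential.
    probe = secrets.token_hex(16)
    while probe == password:
        probe = secrets.token_hex(16)
    if session_setup(user, probe):
        return Verdict.GUEST
    return Verdict.USER

class FakePasswordServer:
    """Constructed stand-in for the password server (assumed behaviour)."""
    def __init__(self, accounts):
        self.accounts = accounts
        self.attempts = []      # (user, accepted) for every request seen

    def session_setup(self, user, password):
        if user in self.accounts:
            ok = self.accounts[user] == password
        else:
            ok = True           # logged on as guest, guest bit not set
        self.attempts.append((user, ok))
        return ok

def demo():
    server = FakePasswordServer({"alice": "correct horse"})  # constructed data
    results = {
        "alice/good": classify_logon(server.session_setup, "alice", "correct horse"),
        "alice/bad": classify_logon(server.session_setup, "alice", "wrong"),
        "mallory": classify_logon(server.session_setup, "mallory", "anything"),
    }
    return results, server.attempts

if __name__ == "__main__":
    print(demo())
```

In this model every successful logon by a genuine user leaves one deliberately failed attempt at the password server, which is recorded in `attempts`.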