You seem to be operating under the presumption that EME (and all DRM) is designed to stop piracy. It isn't.
Read Ian Hickson (author of html5 spec) on this:
https://plus.google.com/+IanHi...
"The purpose of DRM is not to prevent copyright violations.
The purpose of DRM is to give content providers leverage against creators of playback devices."
He makes a compelling point.
Coverity analysis, Codenomicon fuzzing, all changes peer-engineer review, no code changes without regression test coverage, no back-ports without a bug report.
Pretty basic stuff for professional code quality these days.
For this one, the only way to catch it would have been the peer-engineer review and fuzzing steps, and we weren't doing them back in 2009.
> Can this vuln be exploited via IPv6?
Yes.
Yes, that is the core of the bug. However, I can offer some explanation into how it happened.
There are 2 subsystems involved here.
(1). Load a shared library module and execute it.
This has many uses inside Samba.
(2). Allow a client request on an RPC pipe to be routed to an external process or library.
This allows Samba to be built without embedding all the named pipe services inside it, which makes it a smaller binary for embedded vendors.
Unfortunately an old commit connected the two subsystems together, re-using the shared library module existing code to find and load the service the client was asking for. There was insufficient sanitization of the requesting name which caused the problem.
The commit happened in 2009, before we had two-engineer design and review practices and the full regression test suite we now use.
Eventually I want to remove the ability to load any shared modules containing more than one path component. This has to be done carefully however to avoid breaking existing configured systems that may depend on this.
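An added example, not Samba's code and not part of the comment above: the failure shape described there (a requester-supplied name handed to a module loader) next to a strict resolver that accepts only a single path component. `MODULE_DIR`, the function names, the 64-byte limit and the lenient pass-through behaviour are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Assumed install directory for loadable modules (hypothetical path). */
#define MODULE_DIR "/usr/lib/example/modules"

/* True only for one path component: non-empty, bounded length, not "." or
 * "..", and made up solely of characters from a conservative allow-list. */
bool module_name_is_safe(const char *name)
{
    size_t len;

    if (name == NULL || (len = strlen(name)) == 0 || len > 64)
        return false;
    if (strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return false;
    /* '/' and '\\' are not in the allow-list, so any separator fails here. */
    return strspn(name, "abcdefghijklmnopqrstuvwxyz"
                        "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789_-.") == len;
}

/* "Before" shape (assumed): a name containing '/' is taken as a path and
 * passed through, so the requester decides which file gets loaded. */
int resolve_module_lenient(const char *name, char *out, size_t outlen)
{
    int n = strchr(name, '/') != NULL
                ? snprintf(out, outlen, "%s", name)
                : snprintf(out, outlen, "%s/%s.so", MODULE_DIR, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

/* Hardened: validate first, then always build the path under MODULE_DIR. */
int resolve_module_strict(const char *name, char *out, size_t outlen)
{
    int n;

    if (!module_name_is_safe(name))
        return -1;
    n = snprintf(out, outlen, "%s/%s.so", MODULE_DIR, name);
    return (n < 0 || (size_t)n >= outlen) ? -1 : 0;
}

int main(void)
{
    /* Constructed sample names, not taken from any real request. */
    const char *names[] = { "example_svc", "/tmp/constructed", "../up" };
    char path[256];

    for (size_t i = 0; i < sizeof names / sizeof names[0]; i++)
        printf("%-18s strict=%d\n", names[i],
               resolve_module_strict(names[i], path, sizeof path));
    return 0;
}
```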
Yeah, but Slashdot has always disliked Samba since time immemorial.
I think it's because early Samba Team member Tim Potter (tpot) used to troll slashdot for fun, and CmdrTaco *hated* the trolls :-).
Fantastic article from Alexander Bokovoy on how this thing was found and fixed !
http://rhelblog.redhat.com/201...
It's not an SMB protocol bug. It's a generic flaw in the DCE RPC protocol used for all RPC services on Windows and specifically to administer Active Directory Domain Controllers. That's why we really want people to patch (both Samba *and* Windows users).
How we plan to expose cloud-based filesystems in Samba:
http://www.sambaxp.org/archive...
I know you're just a random slashdot poster, and I really shouldn't expect any better, but would it hurt you to look at the list of Document Foundation (the Org behind LibreOffice) and look at the list of supporters:
https://www.documentfoundation...
"Chris DiBona, Open Source Programs Manager at Google, Inc., has commented: "The creation of The Document Foundation is a great step forward in encouraging further development of open source office suites. Having a level playing field for all contributors is fundamental in creating a broad and active community around an open source software project. Google is proud to be a supporter of The Document Foundation and participate in the project".
Hint - supporters mean we fund them. I represent Google on the Board of Directors, and yes, nagging them about getting a full Android port is something I do *every* meeting.
I now return you to your regularly scheduled slashdot poster 2-minute-hate on "Big Corporations".
This, this, a thousand times this.
You can look at the source code all you like, but unless you can *use* that source code to build your own binaries and redistribute them, then that means absolutely nothing in terms of security.
The products you buy off the shelf may or may not have any relation to the code you looked at.
That's why Free Software is so important for security-sensitive applications. Not only do you get to look, you get to modify it and redistribute.
To donate funds to Conservancy GPL compliance efforts see here:
http://sfconservancy.org/linux...
Another "feature" brought to you by the poisonous gift of software patents.
Dongle vendors don't want the potential of getting Microsoft knocking on their door asking for royalties by including (or even just turning on) the CIFS client in the Linux kernel they all ship.
Thanks Microsoft ! Great job on promoting SMB technology !
Fuckers (not the Microsoft engineers, with whom I have a *great* relationship - I mean Microsoft legal).
I use this:
http://www.ibasso.com/products...
paired with this:
http://chordelectronics.co.uk/...
but then I'm crazy. Sure does play flac files though :-).
There is no hope that anyone there can effect any change, as with the US.
Refuse to hire ex-GCHQ or NSA employees. Make sure they know they're personally accountable for this.
Utter crap. Codenomicon are very friendly to FLOSS and FLOSS developers. They're also great guys. They have been providing free test services to the Samba project for many years now, and have helped us fix many many bugs.
In case you hadn't noticed, the code they're reporting on here is closed source proprietary code...
I think Ubuntu has user shares turned on. In which case you right click on the directory and click on the 'share' menu item, just like Windows.
Disclaimer. I wrote the Samba code for this feature...
"Guys, I know we've been punching you in the face for 20+ years but we've *stopped* now ! Why don't you love us ?"
As someone who works very well with Microsoft these days and has many friends there, the lack of self-awareness in the posts on the article is staggering :-).
You have to do more than stopping being bad. Being *good* is required. :-).
I know you can do it ! Stop being a patent troll for starters.
The thing you have to understand is that this isn't a technical problem.
All of these things are well understood, and there are Free Software libraries that will do all of these things (indeed the proprietary commercial solutions are often built with these very self-same libraries).
No, this is a *legal* problem, with patents on software destroying the opportunity to create many wonderful things that consumers would love to buy, if the legal framework allowed it, which it doesn't.
It's almost unimaginable how much damage one simple thing (allowing patents on software) has done to the industry.
This looks like what you wanted:
http://hsti.com/products/wirelessmediastick
disclaimer, I haven't tried this at all...
Jeremy.
They're not going to do that. The director of Windows server development at Microsoft even gave us a quote for the Samba 4 press release.
https://www.samba.org/samba/news/releases/4.0.0.html
For the tl;dr crowd:
"Active Directory is a mainstay of enterprise IT environments, and Microsoft is committed to support for interoperability across platforms," said Thomas Pfenning, director of development, Windows Server. "We are pleased that the documentation and interoperability labs that Microsoft has provided have been key in the development of the Samba 4.0 Active Directory functionality."
Thanks a *lot* Thomas !
No, I also know when it was first widely adopted. I was around and shepherded it through that, remember. It really took off around 1994 when we had very wide use on SunOS and early Solaris use.
Wider Linux use really didn't start until about 1996 or so. I remember tridge and I being amazed that making it work on Linux became more important than making it work on SunOS/Solaris/HPUX and other commercial UNIXes.
Jeremy.
Oh sure. The mail slot interface is an essential part of the protocol. That's why you just can't buy Samba based products anymore, all commercial NAS are re-badged versions of Windows server.
Sarcasm, in case anyone was wondering..
Jeremy
No, you're getting the history the wrong way around.
Samba was started in '92. The web wasn't on most companies' radar until the late 90's.
Web and database on Linux came in the door opened by file servers :-).
Our original platform was SunOS (not even Solaris). When Samba started Linux was a toy, it didn't even have networking.
Jeremy.
Hahahah ! Actually, that's comedy *gold*.
man smb.conf :-).
It's all in how the server is configured, and if the client will pipeline requests.
I can easily saturate a gigabit network using modern Linux CIFSFS and Samba. Ensure you turn on pthread based aio on the server, and the client now issues multiple outstanding read/write requests.
SMB2 makes this easier as it does this by default even on Windows clients. Ensuring your server has the pthread-based aio is the key though (depending on server CPU availability - on low end systems some OEMs get more mileage by using zero-copy sendfile/recvfile instead).
Jeremy.