Sunday 5 January 2014

Re: Include samba and libpam-smbpass by default in Ubuntu

On Sun, Jan 05, 2014 at 12:47:47PM -0500, Stéphane Graber wrote:
> Ubuntu has a no open port by default policy at least for the Desktop
> installation. If you look at a default Ubuntu Desktop system the only
> exceptions you should see to that rule are the DHCP client (which needs
> to listen on udp/68) and avahi-daemon (which needs to listen on
> udp/5353).

> So having samba installed and running by default isn't an option and
> would be a potential security risk for millions of systems which do not
> need the service at all anyway.

> I think having nautilus prompt the user for those packages to be
> installed is perfectly reasonable, having to restart the session however
> seems a bit odd to me and shouldn't be a requirement.

The requirement follows from the fact that CIFS shares require a different
password hash to be available on the server system for authentication than
the one used by default in /etc/shadow, and while the permissions on the
file managed by libpam-smbpass are secure, the NTLM hashes are strictly
weaker than the hashes used for /etc/shadow, which exposes users to greater
risk of password cracking if the database is stolen. So since these hashes
are not generated until the user opts in to CIFS sharing through nautilus
(changing their PAM config), the session logout/login is unavoidable.

--
Steve Langasek
Debian Developer
Ubuntu Developer
slangasek@ubuntu.com  vorlon@debian.org
"Give me a lever long enough and a Free OS to set it on, and I can move the world."
http://www.debian.org/
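As an added example (not code from this thread, and not Samba's or libpam-smbpass's own code), the Python below makes the comparison in the reply concrete: an NT hash is a single unsalted MD4 over the UTF-16LE password, so one precomputed table cracks every user who shares a password across every stolen passdb, while a /etc/shadow-style entry is salted per user and iterated thousands of times. MD4 is written out in pure Python because many current OpenSSL builds disable the legacy digest; the "shadow-style" hash is PBKDF2-HMAC-SHA512, an assumption used only to stand in for the salt-plus-rounds structure of a $6$ sha512-crypt entry, not the crypt(3) algorithm itself. The wordlist, the two accounts and their passwords are constructed for the demonstration.

```python
"""Contrast the NT hash Samba stores with a salted, iterated /etc/shadow-style
hash. Added example, not code from the Ubuntu thread or from Samba."""
import hashlib
import os
import struct

MASK32 = 0xFFFFFFFF


def _rotl(x, s):
    return ((x << s) | (x >> (32 - s))) & MASK32


def md4(data: bytes) -> bytes:
    """RFC 1320 MD4, spelled out so this runs where OpenSSL lacks MD4."""
    bit_len = (len(data) * 8) & 0xFFFFFFFFFFFFFFFF
    msg = data + b"\x80"
    msg += b"\x00" * ((56 - len(msg) % 64) % 64)   # pad to 56 mod 64
    msg += struct.pack("<Q", bit_len)              # 64-bit LE bit length

    a, b, c, d = 0x67452301, 0xEFCDAB89, 0x98BADCFE, 0x10325476
    rounds = (
        # (mixing function, additive constant, word order, shift schedule)
        (lambda x, y, z: (x & y) | (~x & z), 0x00000000,
         list(range(16)), (3, 7, 11, 19)),
        (lambda x, y, z: (x & y) | (x & z) | (y & z), 0x5A827999,
         [0, 4, 8, 12, 1, 5, 9, 13, 2, 6, 10, 14, 3, 7, 11, 15], (3, 5, 9, 13)),
        (lambda x, y, z: x ^ y ^ z, 0x6ED9EBA1,
         [0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 11, 7, 15], (3, 9, 11, 15)),
    )
    for off in range(0, len(msg), 64):
        x = struct.unpack("<16I", msg[off:off + 64])
        aa, bb, cc, dd = a, b, c, d
        for fn, const, order, shifts in rounds:
            for i, k in enumerate(order):
                a = _rotl((a + fn(b, c, d) + x[k] + const) & MASK32, shifts[i % 4])
                a, b, c, d = d, a, b, c   # rotate registers for the next step
        a, b, c, d = ((a + aa) & MASK32, (b + bb) & MASK32,
                      (c + cc) & MASK32, (d + dd) & MASK32)
    return struct.pack("<4I", a, b, c, d)


def nt_hash(password: str) -> bytes:
    """What Samba's passdb stores: one unsalted MD4 over UTF-16LE. No salt,
    no iteration, so it is precomputable and identical for equal passwords."""
    return md4(password.encode("utf-16-le"))


def shadow_style_hash(password: str, salt: bytes, rounds: int = 5000) -> bytes:
    """Assumption: PBKDF2-HMAC-SHA512 as a stand-in for the per-user salt and
    default 5000 rounds of a $6$ sha512-crypt entry. Not crypt(3) itself."""
    return hashlib.pbkdf2_hmac("sha512", password.encode("utf-8"), salt, rounds)


WORDLIST = ["letmein", "password", "hunter2", "correcthorse"]   # constructed
ROUNDS = 5000


def crack_stores(users, wordlist=WORDLIST, rounds=ROUNDS):
    """Simulate theft of both credential stores and a wordlist attack on each.
    Returns what was recovered and how many hash computations each side cost."""
    nt_store = {u: nt_hash(p) for u, p in users.items()}
    shadow_store = {}
    for u, p in users.items():
        salt = os.urandom(16)                     # fresh salt per user
        shadow_store[u] = (salt, shadow_style_hash(p, salt, rounds))

    # NT side: one table built from the wordlist, reusable against every user.
    table = {nt_hash(w): w for w in wordlist}
    nt_found = {u: table.get(h) for u, h in nt_store.items()}
    nt_ops = len(wordlist)

    # Shadow side: the salt differs per user, so nothing is reusable and
    # each candidate costs `rounds` SHA-512 passes.
    shadow_found, shadow_ops = {}, 0
    for u, (salt, h) in shadow_store.items():
        shadow_found[u] = None
        for w in wordlist:
            shadow_ops += rounds
            if shadow_style_hash(w, salt, rounds) == h:
                shadow_found[u] = w
                break

    return {
        "nt_found": nt_found,
        "shadow_found": shadow_found,
        "nt_ops": nt_ops,
        "shadow_ops": shadow_ops,
        "nt_hashes_collide": len(set(nt_store.values())) < len(nt_store),
        "shadow_hashes_collide": len({h for _, h in shadow_store.values()}) < len(shadow_store),
    }


if __name__ == "__main__":
    for key, value in crack_stores({"alice": "password", "bob": "password"}).items():
        print(f"{key}: {value}")
```

Compare nt_ops with shadow_ops in the output: same wordlist, same two accounts, but the NT side costs four MD4 calls in total and the table carries over to any other stolen passdb, whereas the salted side pays 5000 SHA-512 rounds per candidate per user and the work starts again for each salt. That, together with the absence of a per-user salt (both NT hashes are byte-identical, so a glance at the file reveals which users share a password), is what "strictly weaker" means in the reply above.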