Friday, 23 June 2017

Re: RFC: disabling the SMB1 protocol in our samba stack (client, server) (#1697817)

Hi Andreas,

On Mon, Jun 19, 2017 at 06:44:42AM -0700, Andreas Hasenack wrote:
> we had a bug [1] filed against Ubuntu as part of a larger campaign [2] to
> disable the old, vulnerable, deprecated SMB1 protocol in the Samba stack.
> I asked upstream [3] for their opinion on changing the default protocol
> level.

Thank you for kicking this off upstream! Looks like this is now under
active consideration and development by upstream.

Given that this is now making progress upstream, I suggest that in
Ubuntu we go with what upstream decides to do: turning SMB1 support off
by default when we update to a release where they do that. Unless they
(or our security team) suggest that we do otherwise.