Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.Hawaii.Edu!news.caldera.com!enews.sgi.com!insync!news.io.com!smartdna!news-xfer.mccc.edu!zdc-e!super.zippo.com!news.maxwell.syr.edu!cpk-news-hub1.bbnplanet.com!su-news-feed4.bbnplanet.com!news.bbnplanet.com!netapp.com!netapp.com!not-for-mail From: guy@netapp.com (Guy Harris) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: smbfs under FreeBSD? Date: 27 Jun 1997 11:36:45 -0700 Organization: Network Appliance Lines: 32 Message-ID: <5p117t$g2e@tooting.netapp.com> References: <33AFCEA5.167EB0E7@IBC.IskraSistemi.Si> <01bc82a8$ed23e340$b4cc93cf@thewall> <slrn5r73pq.cjm.hdm@stress.noc.demon.net> NNTP-Posting-Host: tooting.netapp.com Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:43644 J.C. Archambeau <n-xiv@worldnet.att.net> wrote: >Because of the design limitations of SMBFS, it will never be secure. >Samba is about as good as you'll get with any of the BSD projects. Note that SMBFS and Samba aren't interchangeable; the former is an SMB client, the latter is an SMB server. Samba does come with a user-mode "smbclient" program, which is sort of like the "ftp" program only it uses SMB. Dominic Mitchell <hdm@demon.net> wrote: >To expand with this, the problem is that it authenticates on a per user >basis, which is no use at all in a multi-user environment... ...although I think WinDD and WinCenter and the like make it work in multi-user NT. I think they do it by not allowing user A access to any shares attached by user B - by, I think, having drive letters be per-user-session. In UNIX, one might instead have the SMB client code associate with each session the credentials for that session, and, when a request comes into the client code via its VOP_ routines, look for a session with credentials matching those that came in via the VOP_ call and: if such a session was found, use it; if such a session wasn't found, create a new session with the appropriate user name. -- Reply, or follow up, but don't do both, please. postmaster@localhost postmaster@127.0.0.1