* Posts by Jeremy Allison

126 publicly visible posts • joined 19 Oct 2008

Page:

How Sinclair's QL computer outshined Apple's Macintosh against all odds

Jeremy Allison

Re: Linus Torvalds and I both enjoyed the QL

Nah, I just wanted to push the view count for this 13 year-old video :-).

Jeremy Allison

Linus Torvalds and I both enjoyed the QL

I offered to go with Linus to Sao Paulo zoo once to help him avoid having to meet Lula, the president of Brasil which he really didn't want to do :-). I did so only on the condition he do an interview with me. I was fed up of people asking Linus about Linux, so I only asked him questions about the Sinclair QL, which both he and I enjoyed. Interview is still available on youtube here:

https://www.youtube.com/watch?v=05pgVwzAZ6k

Last rites for the UK's Online Safety Bill, an idea too stupid to notice it's dead

Jeremy Allison

From "A Very British Coup" TV series.

Sir Percy Browne: "One Day Mr. Fiennes, you will have the entirety of the British People under permanent 24-hour surveillance. Will you be happy then ?"

Mr. Fiennes: "Happy ? Satisfied."

Microsoft Windows edges closer to SMB security signing fully required by default

Jeremy Allison

Re: SAMBA?

Apple SMB client already does signing, as does Samba. We (Samba) test with them at the SNIA SDC interop lab every year.

What is Google doing with its open source teams?

Jeremy Allison

Re: Samba

Absolutely correct. I always refer to myself (after asking Tridge) as co-creator. Tridge is (and always was) the smart one :-). He invented the rsync algorithm for heavens sake !

https://www.computerworld.com/article/2775261/australia-s-samba-man-gets-smartest-person-nod.html

Back to work, Linux admins: You may have a CVSS 10 kernel bug to address

Jeremy Allison

Re: This does not belong in the Kernel

It's.. complicated. Right now there's no integration between ksmbd and Samba, although we collaborate on SMB3+POSIX extension development.

Samba is a large and old project, with many procedures in place to try and prevent accidents like this (although we're both written in C, so until we can port to a safer language - which will probably never happen - there will *always* be disasters like this).

Having said that IMHO the kernel cifsfs and ksmbd code have some quality issues which come down to insufficient code review practices. I have complained long and bitterly about this in the past and the people involved are well aware of my opinions.

Take a look at Samba's gitlab page:

https://gitlab.com/samba-team/samba/-/merge_requests

Every potential commit has to go through a full pipeline continuous integration build (look here for examples):

https://gitlab.com/samba-team/samba/-/pipelines

and all commits must have 2+ Samba Team engineer review and sign-off before merging into the upstream codebase. Currently I don't see something similar for cifsfs and ksmbd. I'd be a lot happier if they had something like this.

Jeremy Allison

Re: This does not belong in the Kernel

> "Samba usually has odd performance problems that come with being an ancient Apache project."

What are you smoking, and can I have some please ? :-).

Samba was started around 1992, before Apache was a gleam in anyone's eye.

As for performance, putting something in the kernel isn't an automatic "go faster" switch for the processor. See here for details:

https://samba.plus/blog/detail/ksmbd-a-new-in-kernel-smb-server

US seeks standards dominance, lets Huawei access previously forbidden crypto tech

Jeremy Allison

A warning from science fiction.

“The worst tyrannies were the ones where a government required its own logic on every embedded node.”

― Vernor Vinge, A Deepness in the Sky

Microsoft points at Linux and shouts: Look, look! Privilege-escalation flaws here, too!

Jeremy Allison

Symlinks, the poisonous gift that keeps on giving.

Oh look. *ANOTHER* symlink toctou vulnerability. When will we finally admit that the addition of user-creatable symlinks has been a disaster for POSIX and secure coding ? I will stand my ground and claim it is *IMPOSSIBLE* for application developers to safely use the POSIX filesystem API securely in the face of symlinks. Simply can't be done correctly.

At lease Microsoft learned their lesson when they added symlinks to NTFS, and they made the creation of them Administrator-only.

That one simple change probably saved them *YEARS* of symlink toctou vulnerability fixes, if it's even possible to fix them all.

Microsoft plans to drop SMB1 binaries from Windows 11

Jeremy Allison

Re: Problems ahead for old Sonos units

SONOS v2 includes SMB2+ support. It's only the old SONOS v1 boxes that only do SMB1.

Don't get me wrong, I'm not incredibly happy with this as I have many SONOS v1 boxes and no way am I giving them any more money, but they have added SMB2+ support (finally), if only for the latest releases.

I'll probably go the SMB2+ mount on a Raspberry PI re-exported via SMB1 to my old SONOS kit.

Samba 4.16 release strips away more SMB 1

Jeremy Allison

Argghhhh. Don't remind me. I'd successfully blocked pcNFS out of my memory :-). I used to have to support that PoS at Sun. It's existence is one of the main reasons Samba exists today (I'd left Sun, needed a cross platform network file system and someone suggested pcNFS. I restrained myself and didn't hit them. So I went looking on the (early) Internet and tridge announced the first version of smbserver. The rest is history:-).

Jeremy Allison

Re: Old equipment

Details on *why* we suck please ! :-).

Jeremy Allison

Re: Symlinks are the underlying problem.

It's not (just) the utilities that are the problem. It's the underlying APIs. They are *impossible* for normal application developers to use securely. Again, more details in my talk :-).

Jeremy Allison

Re: Symlinks are the underlying problem.

You can alias a file using hardlinks. You don't need symlinks for that. Aliasing a directory, yes, but I'm now of the opinion that the downsides to this massively outweigh the benefits. Tune in to my talk for more details :-).

Jeremy Allison

Re: Are we all friends now?

I think that's a little unfair. They didn't change SMB specifically to break Samba, they just didn't care about interoperability at the time. If it worked Windows -> Windows it was done.

You're right about tridge treating it like a crossword puzzle though :-).

Jeremy Allison

Symlinks are the underlying problem.

I'm planning a blistering broadside bludgeoning (as it's 'El Reg, gotta use alliterative headlines :-) on the concept of symlinks at this years SambaXP conference.

https://sambaxp.org/

(it's virtual, so you won't have to travel to Germany to attend). symlinks have ruined the POSIX filesystem API. I'm going to explain why, and talk about what can be done about it.

You know that Microsoft ZeroLogon bug you've been dragging your feet on? It's getting pwned in the wild now

Jeremy Allison

Not completely true about Samba AD-DC.

If you're running a post Samba 4.8 server you're safe, even though the proof of concept code reports it as vulnerable (the PoC code only tries the logon, it doesn't actually try any of the activities that the default Samba setting of schannel required prohibits). Better to be safe though and upgrade to the version that removes the false positive from the PoC code.

More details here:

https://www.samba.org/samba/security/CVE-2020-1472.html

OK brainiacs, we've got an IT cold case for you: Fatal disk errors on an Amiga 4000 with 600MB external SCSI unless the clock app is... just so

Jeremy Allison

The SCSI implementation on the Amiga was badly broken.

Back in the day, working on porting my GEM implementation to the Amiga to port Kuma K-Data over from the Atari ST to the Amiga, we noticed that (and I can't remember the exact details now) if you dragged an icon around on the stream at the same time it was doing a SCSI disk transfer your disk got lots of nice copies of the icon bitmap written all over the places where your data should have been.

The problem described in the article sounds horribly familiar.. :-).

Remember that Sonos speaker you bought a few years back that works perfectly? It's about to be screwed for... reasons

Jeremy Allison

“What we have here is a failure to communicate..”

I’m affected by this to the tune of 3 Play:5’s and 3 Connect’s, so I’m not a disinterested bystander.

Trying to take a step back and look at this - I think the fundamental mistake Sonos have made here is that they thought they were an electronics device company. But they are selling devices that allow people to connect to *music*. That makes things different to a phone or a TV, which are essentially seen as replacable and upgradable objects.

Music is different. Music affects people on a deep emotional level. The best audio brand names get this. They sell an *experience*, not hardware.

I think Sonos used to get this, but maybe the upper management have changed to people who thought they were in the electronics business. They are not, and they are about to discover this fact very painfully. I doubt the company will survive this. People are perceiving this, rightly or wrongly, as Sonos trying to take their music away (I know that is my gut reaction too).

They should have hired ex-Apple execs. Apple would never have made this mistake. They understand what they sell and it’s not hardware.

The D in Systemd is for Directories: Poettering says his creation will phone /home in future

Jeremy Allison

Recycling an old joke...

systemd isn't a bad operating system, it just lacks a good init system :-) :-).

Open-source companies gather to gripe: Cloud giants sell our code as a service – and we get the square root of nothing

Jeremy Allison

Repeat after me..

Open Source / Free Software is not a business model.

I've been doing this for nearly 30 years, getting paid for all of it. You don't create the software and Open Source it to make money, you create the software as it's what you need for yourself. If you Open Source it then others can help you. Only if it's any good will people start paying you to maintain it.

This whole idea of:

1). Open Source

2). ????

3). Profit !

Is worthy only of underpants gnomes thinking.

Years late to the SMB1-killing party, Samba finally dumps the unsafe file-sharing protocol version by default

Jeremy Allison

Re: The story of Samba SMB1 is fascinating.

Samba developer here, responsible for some of the CVE's you're laughing at :-).

Yes, complex software has security bugs, especially if it's written in C. The measure of a project is how it handles them though. I'd argue the fact we report and fix our CVE's makes us *more*, not less trustworthy.

There's no hiding your bugs in FLOSS code.

I agree with you on waf though, but most of the Team members just love python code, so what can you do :-). If I'd had my way it'd probably have been cmake instead, but you have to compromise with your colleagues to get anything done at all.

If you contribute to FLOSS code you'll know what I mean :-).

You're an admin! You're an admin! You're all admins, thanks to this Microsoft Exchange zero-day and exploit

Jeremy Allison

Re: Possible quick fix

> "you might as well use Samba v4 (I assume we're ignoring the fact it's based on Microsoft code)"

A correction. Samba is not, and has never been, based on Microsoft code. (Well, now we have a Microsoft engineer on the Samba Team I suppose his changes could now be accurately described as such, but he writes new code, not cut-n-paste from the Microsoft git repositories :-).

Jeremy Allison,

Samba Team.

Encryption? This time it'll be usable, Thunderbird promises

Jeremy Allison

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

In the respect of there not being samba.org supplied graphical configuration tools or ease-of-use features. We tried that with swat (the Samba web config tool) and it didn't end too well.

I'm happy it is easy and works out of the box for you, that's what we aim for :-).

Jeremy Allison

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

I'll take Samba, as it's the one I know most about. Samba actually is "there", if by "there" you mean active use in many, many OEM products. It's not "there" as a general out-of-the-box user-installable Windows server replacement, that's probably true, but over the years I think we're realized that's not exactly where we want to be. The argument is "are we a product" or "are we a set of technologies". I personally think we're a set of technologies that other people use to build products, though opinions can differ of course.

I guarantee there are many many commercial products that you use daily that have Samba embedded in them (many cloud storage gateways as well as on-premises storage for example). So yeah, we're "there" in that respect.

Wine is becoming the same via Valve investment in Steam on Linux I think. That's their way forward. It's harder for LibreOffice.

Jeremy Allison

Re: The only reason "everyone" runs Outlook is because "everyone" uses Exchange.

OpenChange is a FLOSS replacement for Exchange, so the protocols are understood and implementations are available in open source.

Jeremy Allison

Re: @Blue Templar - Better Exchange support would be more welcome

Microsoft has now joined OIN. I don't think they are as scary for FLOSS projects anymore as you seem to think (they're certainly no longer any threat to Samba).

Chromebooks gain faff-free access to Windows file shares via Samba

Jeremy Allison

Re: Linux has had CIFS support w/o Samba for ages.

It's a security issue for ChromeOS. If the kernel code gets used and there's a bug allowing compromise, the whole system is compromised. If it's just libsmbclient it can (and is) sandboxed so there's less overall damage.

Jeremy Allison

Re: Not going to make a lot of difference?

You could always use it with Samba-AD:

https://www.samba.org/samba/news/releases/4.0.0.html

We're just about to release version 4.9, with lots of improvements. Chromebooks should work well with it (no Active Directory CALs needed).

Jeremy Allison

"Livin' in the 80's... you're livin' in the 80's" (with apologies to "The Killing Joke" :-).

Things have long since changed. Microsoft are a *big* Samba backer these days. I'll be up in Redmond next week working on SMB3 interop with Microsoft engineers.

Jeremy Allison

Re: DFS

It should do. That code is built into libsmbclient (in the function cli_resolve_path()) and so should follow DFS redirects. Please test it out and report.

Jeremy Allison

Nope, SMB2-only.

Jeremy Allison

"Sans Samba ?" It's uses Samba you muppet !

You guys should really reach out and check your sources before posting drivel :-).

This is based on libsmbclient (aka Samba) integrated into ChromeOS.

https://www.samba.org/samba/docs/current/man-html/libsmbclient.7.html

It's not like we're hard to get in touch with..

https://www.samba.org/~jra/

Here's why AI can't make a catchier tune than the worst pop song in the charts right now

Jeremy Allison

The Ultimate Melody

I'm glad they're failing in a way. Imagine if they used ML to create "The Ulimate Melody", and broadcast it on the Internet...

http://avalonlibrary.net/ebooks/Arthur%20C%20Clarke%20-%20Tales%20From%20The%20White%20Hart.pdf

:-).

Open source community crams itself into big tent

Jeremy Allison

Re: you can have any color you want as long as it is black

Not true. There are several engineers here (including me). I had a chat yesterday with Paul McKenny (he of the RCU code in the Linux kernel). He showed me some amazing stuff to do with formal proofs around the Linux kernel memory barrier logic. We are in the minority though :-).

Jeremy Allison

Bollocks to you ! I'm there, I'm speaking and I code every day :-). I must admit I'm in the minority though.

I've been going round counting the number of laptops I can see actually running Linux. I've only gotten to 4 so far (and one of them is mine of course). Bit depressing really...

US watchdog just gave up trying to get Google to explain YouTube's huge financial figures

Jeremy Allison

Re: "The EU is the only government entity to ever impose"

LDS wrote:

> "The EU ruling did more - it forced Microsoft to document its APIs and made them publicly available"

Not API's, *PROTOCOLS*. There's a *BIG* difference - although no one seems to understand why (I blame lack of technical education in schools :-).

No one gave a monkeys about their API's (unless you're writing code for Windows, in which case why do you care if other systems are successful or not), they are *useless* for Open Source, it's the on the wire *PROTOCOLS* that allow interop or not.

Trust me, I know what I'm talking about w.r.t. to EU vs Microsoft case :-).

Samba 4.8 to squish scaling bug that Tridge himself coded in 2009

Jeremy Allison

Link to the actual talk

For anyone interested (it's only 10 minutes long):

http://youtu.be/JNR8bJkWCjA

Jeremy Allison

Re: Samba is still relevant?

Even in a cloud-first world people still use SMB, even if only with legacy apps. There's a reason that Microsoft allow direct SMB access into the Azure Cloud.

Many of the cloud-gateway vendors I'm sure people are avid fans of use Samba under the hood to gateway existing useful applications into backend cloud storage.

We have some life in the old dog yet ! :-).

Jeremy Allison

Re: Samba forks a process per client; is that bug fixed?

Is that the Gluster of Ceph VFS module ? Sounds like the gluster one. That's a design bug in the gluster client libraries IMHO. They are assuming only one process connects from a client and so are profligate with resources. I think Red Hat is working on fixing that.

Game of Thrones author's space horror Nightflyers hitting telly

Jeremy Allison

Re: Meh

Roger Zelazny's "Lord of Light" is my favourite Science Fiction/Fantasy novel. Don't read the blurb on the back (that will ruin it :-), just dive in and enjoy !

Samba needs two patches, unless you're happy for SMB servers to dance for evildoers

Jeremy Allison

> Could get messy.

Almost certainly not from these specific bugs. They are not easily exploitable (but never say never of course). If a SMB server is not patched there are much easier exploitable issues than these recent ones to choose from.

Jeremy Allison

"REAL programmers do not NEED to do "garbage collection". They understand that for every 'malloc' or 'new', there must be a 'free' or 'delete'. And buffer sizes must be CHECKED. etc."

Samba uses the talloc library (invented locally) for this purpose. Check out https://talloc.samba.org/talloc/doc/html/index.html . It's a really nice piece of code which has stack/heap smashing protections etc. Lots of non-Samba code in Red Hat/Fedora also uses it.

Buffer overruns are harder, for much of SMB1/2/3 it's hard to auto-generate, as the protocol isn't defined in an interface definition language. Our DCE-RPC code is auto-generated and buffer overrun checked, as our IDL compiler (pidl) does this for us.

Unfortunately, due to C, these kind of bugs will always be with us. All we can do is be eternally vigilant and review everything.

Jeremy Allison

Error in the article text.

It states: "Samba's developers have detected exploits", that should be "Samba's developers have *NOT* detected exploits", because we haven't.

Never say never, but I can't see a way to exploit this (not that I'm an exploit expert). But better to fix than leave any possibility around.

Jeremy Allison

NFS is a simpler protocol, but not necessarily higher performing. SMB1/2/3 has lots of tricks to improve performance and can quite easily saturate most ethernet links.

Jeremy Allison

This ! C is notoriously difficult to get right. If I had to do Samba again from scratch I'd chose golang.

Jeremy Allison

Oooh. Thanks ! I never thought of myself as young at 55, but I'll take the compliment, thanks :-).

Linux kernel community tries to castrate GPL copyright troll

Jeremy Allison

Re: WTF? How is this bad??

Remember, the Linux Foundation is a USA 501(c)(6) non-profit, organizing on behalf of its members, *NOT* the Open Source or (heaven forbid) the Free Software community.

Anyone who is surprised at this simply hasn't been paying attention.

Other notable 501(c)(6) non-profits include the MPAA and the RIAA.

Now are you getting it ?

Rejecting Sonos' private data slurp basically bricks bloke's boombox

Jeremy Allison

Re: Contempt for users

> lack of SMB2+ support. They're STILL insisting on SMB1 for network shares

> despite all the security concerns and they fact their support line is going to get

> hammered when MS drop it shortly and everyone updates their NAS boxes.

Not only that, I've contacted their support line and email and personally offered support and help to move them onto SMB2+ (they're using Steve French's Linux kernel client and Steve and I can certainly fix this for them). I got a "thanks" back, but no follow up.

This tells me they're probably trying to figure out how to orphan people who are running their own NAS boxes and force everyone onto shitty-quality streaming cloud music, for whatever reasons (probably trying to get a cut of that sweet rental revenue). If that happens I'm ditching my SONOS stuff on eBay - which will hurt, I've spent a *LOT* of money on them over the years and previously was a very happy customer until the abomination of their latest Android app update.

The latest app update makes the system virtually unusable from a UI/usability point of view (my wife has already given up on it).

Ghost of NTLM still haunts Microsoft: Aged protocol hole patched

Jeremy Allison

Samba not vulnerable

We fixed this with the "badlock" patchset already. We also notified Microsoft about this issue at the same time, but it looks like the fix took a while to filter through the system.

Page: