[Info-vax] SAMBA and Ransomeware
Stephen Hoffman
seaohveh at hoffmanlabs.invalid
Mon Jul 17 16:27:39 EDT 2017

On 2017-07-17 19:13:19 +0000, Michael Moroney said:
> kludge at panix.com (Scott Dorsey) writes:
>
>> Our question, then, becomes this: How do we, knowing we have an inherently
>> untrustworthy protocol, manage to implement it in the safest possible way?
>> Because we have to implement it. And we have to do it as safely as we can.
>
> I suppose the VMS server process has as few privileges as absolutely
> possible, ideally TMPMBX+NETMBX only, if at all possible.

It's quite possible to cause issues with just minimal privileges, if an
exploit allowing code execution can be located, or if sensitive data
can be directly or indirectly bled back out of the server context.

TMPMBX and NETMBX are also likely not enough for an app that's going to
be a proxy into OpenVMS authentication and possibly also into whatever
locking is necessary; there'll be additional access into OpenVMS
granted via privilege or identifier or installation or UWSS, and that
access potentially exposed, or there'll be a connection into a separate
and additional authentication server component to mediate that access.
Potentially for mounting the target device, and for accessing
configuration information that remote users should not have direct or
modify access into.

> Naive question: Are the protocols fundamentally broken, security wise,
> or, in theory, could a good VMS programmer given the SMBx spec and no
> existing code as a bad example, write a secure SAMBA implementation
> from scratch?

SMB 1 is known to be problematic, and the SMB 2 replacement version
became available over a decade ago. The current SMB 3.1.1 is not known
to be problematic. Could somebody choose to code up their own SMB
server? Sure. Apple decided to write their own service, known as
SMBX. As for replicating the capabilities of Samba itself, that is a
rather larger project. This given the ability of Samba to provide an
Active Directory server compatible with what Microsoft offers with
Windows Server, for instance.

This discussion also approaches adding FUSE support into OpenVMS, and
that's not something OpenVMS particularly has available. This
particularly if there's to be an SMB client for OpenVMS.

FUSE:
https://en.wikipedia.org/wiki/Filesystem_in_Userspace
SMBX:
https://www.murage.ca/os-x-yosemite-server-4-03-smb3/
SMB history, info:
https://en.wikipedia.org/wiki/Server_Message_Block
--
Pure Personal Opinion | HoffmanLabs LLC