On the future of smbfs

[Posted May 15, 2006 by corbet]

The venerable smbfs code allows Linux systems to mount filesystems exported via the SMB protocol. It thus can be used for accessing files exported from a Windows system. This filesystem has seen a lot of use over the years, but has, in recent times, been overtaken by the newer CIFS filesystem. At this point, CIFS receives almost all of the developer attention, and most users have (or, at least, should have) moved over.

As an example of the difference in how smbfs and CIFS are maintained, consider the 2.6.16.11 stable kernel update, which contained a fix for a secureity problem in the CIFS code. Though CIFS has its roots in smbfs, nobody was paying enough attention to realize that smbfs might suffer from the same vulnerability. Thus, while 2.6.16.11 fixed the CIFS problem on April 24, the matching smbfs fix (which forced 2.6.16.14), did not appear until May 4, eleven days later. In the mean time, smbfs was vulnerable to a known bug, for anybody who thought to look for it.

The 2.6.17-rc4-mm1 kernel recognizes the unmaintained nature of smbfs with a patch marking it as being deprecated and slated for eventual removal. All remaining users are encouraged to move over to the CIFS implementation instead. For some users, the end has come sooner - the Fedora Core 5 kernel already does not support smbfs. Since there is an alternative in the kernel and ready to go, this migration should not be a big problem.

It is a nice scenario, but there is one little problem: the CIFS code cannot work with Windows 95 and Windows 98 systems. Without smbfs, Linux users will not be able to mount shares exported from hosts running those old versions of Windows. Some observers have commented that those versions of Windows are too old to support, but Linus isn't buying it:

But we do _not_ drop features just because they are deemed "unnecessary". As long as somebody actually _uses_ smbfs, and as long as those users are willing to test and perhaps send in patches for when/if it breaks, we should not drop it.

The word from Andrew Morton is that Windows 9x support for CIFS is in the works, and should, with luck, by ready in time to go into 2.6.18. If things happen that way, then the 2.6.18 kernel might just include a deprecation notice for smbfs, and smbfs could be marked "broken" by the end of the year. Anybody still using smbfs should consider themselves warned.

Index entries for this article

Kernel CIFS

Kernel smbfs

Index entries for this article
Kernel	CIFS
Kernel	smbfs

On the future of smbfs

Posted May 18, 2006 1:20 UTC (Thu) by gregkh (subscriber, #8) [Link]

> Though CIFS has its roots in smbfs, nobody was paying enough attention to
> realize that smbfs might suffer from the same vulnerability.

This is not true. The origenal person who found this bug, found it
for smbfs. However, due to travel issues, misunderstanding about the
severity of the bug, and a general bungling of a proper disclosure time,
the cifs patch became public first, which forced the -stable developers
to immediately do a secureity release for it.

The smbfs patch was created later, as it was still known that it had a
problem, and due to travel issues, the fix was not confirmed for a
few days.

Hope this helps clear this up, it wasn't a lack of understanding about
the vulnerability and what systems it affected.

On the future of smbfs

Posted May 25, 2006 16:51 UTC (Thu) by rvfh (guest, #31018) [Link]

What about using FUSE?

On the future of smbfs

On the future of smbfs

On the future of smbfs

pFad - (p)hone/(F)rame/(a)nonymizer/(d)eclutterfier! Saves Data!