On Thu, Jul 11, 2024 at 9:12 PM Steve French <smfrench@xxxxxxxxx> wrote: > > V2 of patch > > If you try to set /proc/fs/cifs/SecurityFlags to 1 it > will set them to CIFSSEC_MUST_NTLMV2 which no longer is > relevant (the less secure ones like lanman have been removed > from cifs.ko) and is also missing some flags (like for > signing and encryption) and can even cause mount to fail, > so change this to set it to Kerberos in this case. > > Also change the description of the SecurityFlags to remove mention > of flags which are no longer supported. > > On Tue, Jul 9, 2024 at 6:45 PM Steve French <smfrench@xxxxxxxxx> wrote: > > > > If you try to set /proc/fs/cifs/SecurityFlags to 1 it > > will set them to CIFSSEC_MUST_NTLMV2 which is obsolete and no > > longer checked, and will cause mount to fail, so change this > > to set it to a more understandable default (ie include Kerberos > > as well). > > > > Also change the description of the SecurityFlags to remove mention > > of various flags which are no longer supported (due to removal > > of weak security such as lanman and ntlmv1). > > > > > > > > -- > > Thanks, > > > > Steve > > > > -- > Thanks, > > Steve Looks good to me. -- Regards, Shyam
