Dangerous SMB share discovered after OneFS 8 upgrade


John Beranek - PA

Jun 16, 2017, 9:40:13 AM
to Isilon Technical User Group
Hi all,

A number of months ago we upgraded our 2 Isilon clusters from 7.1.1.x to 8.0.0.3.

Just now I discovered an SMB share named "ifs" on both clusters, which I'm pretty sure wasn't there before the upgrade. (What we did have was a very restricted, read-only share called "ifs$").

This share was dangerously open, namely:

$ isi smb share view ifs
                                     Share Name: ifs
                                           Path: /ifs
                                    Description: Isilon OneFS
                     Client-side Caching Policy: manual
Automatically expand user names or domain names: False
Automatically create home directories for users: False
                                      Browsable: True
Permissions:
Account  Account Type  Run as Root  Permission Type  Permission
----------------------------------------------------------------
Everyone wellknown     False        allow            full
----------------------------------------------------------------
Total: 1

I can only think that the upgrade has added a default SMB share, and one with very dubious security settings.

So, take this as a warning: after an upgrade to OneFS 8.x you may want to check your configured SMB shares!

Cheers,

John
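
As an added example (not part of the original post and not OneFS tooling): a Python parser for the `isi smb share view` output quoted above that flags a share rooted at /ifs, a non-read grant to Everyone, or a Run as Root grant. The function names, the finding rules and the "read" permission value are assumptions.

```python
# Output copied from the first post in this thread (OneFS 8.0.0.3).
SAMPLE = """\
                                     Share Name: ifs
                                           Path: /ifs
                                    Description: Isilon OneFS
                     Client-side Caching Policy: manual
Automatically expand user names or domain names: False
Automatically create home directories for users: False
                                      Browsable: True
Permissions:
Account  Account Type  Run as Root  Permission Type  Permission
----------------------------------------------------------------
Everyone wellknown     False        allow            full
----------------------------------------------------------------
Total: 1
"""

def parse_share_view(text):
    """Parse the listing; rows split from the right (account names may have spaces)."""
    fields, perms, in_table = {}, [], False
    for line in map(str.strip, text.splitlines()):
        if line and set(line) == {"-"}:
            in_table = not in_table  # dashed rules open and close the ACL table
        elif in_table and len(line.split()) >= 5:
            account, kind, as_root, ptype, perm = line.rsplit(None, 4)
            perms.append({"account": account, "type": kind, "permission": perm,
                          "run_as_root": as_root == "True", "permission_type": ptype})
        elif ": " in line:
            key, value = line.split(": ", 1)
            fields[key] = value
    return fields, perms

def audit_share(text):
    """Return findings for one share; an empty list means nothing was flagged."""
    fields, perms = parse_share_view(text)
    findings = []
    if fields.get("Path") == "/ifs":
        findings.append("share exports the filesystem root /ifs")
    for p in perms:
        allowed = p["permission_type"] == "allow"
        # Assumption: "read" is the value shown for a read-only grant.
        if allowed and p["account"].lower() == "everyone" and p["permission"] != "read":
            findings.append(f"Everyone is allowed '{p['permission']}'")
        if allowed and p["run_as_root"]:
            findings.append(f"{p['account']} runs as root")
    return findings

for finding in audit_share(SAMPLE):
    print("FINDING:", finding)
```

Feed it the saved output of the view command for each configured share; any non-empty result is worth a manual review of that share's permissions.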

Erik Weiman

Jun 16, 2017, 9:53:33 AM
to isilon-u...@googlegroups.com
This is a default share that comes with all versions of OneFS. I've not heard of an upgrade re-adding this share though. 

--
Erik Weiman 
Sent from my iPhone 7
--
You received this message because you are subscribed to the Google Groups "Isilon Technical User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to isilon-user-gr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Andrew Stack

Jun 16, 2017, 11:28:54 AM
to isilon-u...@googlegroups.com
Yes, afraid this is not true. We recently upgraded from 7.2.1.2 to 8.0.0.4 and this share is not present / was not created post update.

Regards,

Andrew

--
Andrew Stack
Sr. Storage Administrator, Storage SSF Data Center Services
Pharma Informatics
Genentech/F. Hoffmann-La Roche Ltd.
Mobile - 650.867.5524