There is a guest access security bug on 4.1.8-T5.
I just updated an NV+ to 4.1.8-T5 and all three of my shares with AFP enabled showed guest access as enabled under Shares > Share Listing in Frontview.
Two of my shares which I had set with read/write set as the default access for the share over AFP, the guest user was able to access over AFP.
The share which I had default access set to disabled, but had a write-enabled user for, the guest user was unable to access (well at least it didn't show in the list of AFP shares).
Whilst not as severe as the issue on 4.2.18 for x86 (I think), this is still a security bug.
4.1.8-T5 Security issue - guest access bug [FIXED]
6 posts
• Page 1 of 1
4.1.8-T5 Security issue - guest access bug [FIXED]
by mdgm » Sun Jul 31, 2011 5:59 pm
Last edited by mdgm on Tue Aug 02, 2011 5:13 pm, edited 1 time in total.
Useful links: My ReadyNAS Gear|FAQ|Hardware Compatibility List|Docs: Setup Guide, Manual|Downloads|Unofficial Tips|GPL|MDGM on Twitter|MDGM's Unofficial Guides
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
-
mdgm - ReadyNAS Enthusiast
- Posts: 28619
- Joined: Tue Feb 17, 2009 9:34 pm
- Location: Down Under
- ReadyNAS: RN312
Re: 4.1.8-T5 Security issue - guest access bug
by Jedi Knight » Mon Aug 01, 2011 10:38 am
Will take a look..
NETGEAR Support / USA: 888-NETGEAR (International Numbers)
ReadyNAS.com / FAQ (Sending System Logs) | Documentation | Testimonials | Hardware Compatibility List | Add-Ons
Power comes from who you are; authority comes from what your role is, however, respect is measure by skills and abilities, not of the authority of rank.<br>
Sometime, We forget the basic of "everything" and my lips are seal..</br>
ReadyNAS.com / FAQ (Sending System Logs) | Documentation | Testimonials | Hardware Compatibility List | Add-Ons
Power comes from who you are; authority comes from what your role is, however, respect is measure by skills and abilities, not of the authority of rank.<br>
Sometime, We forget the basic of "everything" and my lips are seal..</br>
-
Jedi Knight - Jedi Council
- Posts: 1708
- Joined: Fri Dec 03, 2004 5:00 pm
- Location: AREA 54
- ReadyNAS: 4200
Re: 4.1.8-T5 Security issue - guest access bug
by Jedi Knight » Mon Aug 01, 2011 1:37 pm
Will be fix in next release.. thanks for reporting the issue.
NETGEAR Support / USA: 888-NETGEAR (International Numbers)
ReadyNAS.com / FAQ (Sending System Logs) | Documentation | Testimonials | Hardware Compatibility List | Add-Ons
Power comes from who you are; authority comes from what your role is, however, respect is measure by skills and abilities, not of the authority of rank.<br>
Sometime, We forget the basic of "everything" and my lips are seal..</br>
ReadyNAS.com / FAQ (Sending System Logs) | Documentation | Testimonials | Hardware Compatibility List | Add-Ons
Power comes from who you are; authority comes from what your role is, however, respect is measure by skills and abilities, not of the authority of rank.<br>
Sometime, We forget the basic of "everything" and my lips are seal..</br>
-
Jedi Knight - Jedi Council
- Posts: 1708
- Joined: Fri Dec 03, 2004 5:00 pm
- Location: AREA 54
- ReadyNAS: 4200
Re: 4.1.8-T5 Security issue - guest access bug
by WSJ » Tue Aug 02, 2011 12:35 pm
4.1.8-T9 is available (promising to fix the bug)
-
WSJ - Advanced ReadyNAS User
- Posts: 130
- Joined: Tue Oct 19, 2010 1:17 pm
- Location: Germany
- ReadyNAS: Duo
Re: 4.1.8-T5 Security issue - guest access bug
by mdgm » Tue Aug 02, 2011 4:01 pm
I'll have to update my NV+ with AFP enabled now to confirm this is fixed. It'll take me about half an hour to download it there as I have a slow internet connection there.
Useful links: My ReadyNAS Gear|FAQ|Hardware Compatibility List|Docs: Setup Guide, Manual|Downloads|Unofficial Tips|GPL|MDGM on Twitter|MDGM's Unofficial Guides
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
-
mdgm - ReadyNAS Enthusiast
- Posts: 28619
- Joined: Tue Feb 17, 2009 9:34 pm
- Location: Down Under
- ReadyNAS: RN312
Re: 4.1.8-T5 Security issue - guest access bug [FIXED]
by mdgm » Tue Aug 02, 2011 5:14 pm
Just checked and it's fixed in T9.
Useful links: My ReadyNAS Gear|FAQ|Hardware Compatibility List|Docs: Setup Guide, Manual|Downloads|Unofficial Tips|GPL|MDGM on Twitter|MDGM's Unofficial Guides
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
NB: A ReadyNas is not an excuse not to have a backup. Fire, theft, multiple disk failures, other hardware failure, floods, user negligence etc. can all result in loss of data.
How we users can contact NETGEAR Technical Support | Australia: 1300 361 254 / Other Numbers|Online Submission
Unofficial Guide for Moving from Sparc ReadyNAS to x86 ReadyNAS|Using Gmail with the ReadyNAS|XRAID Volume Size Calculator
-
mdgm - ReadyNAS Enthusiast
- Posts: 28619
- Joined: Tue Feb 17, 2009 9:34 pm
- Location: Down Under
- ReadyNAS: RN312
6 posts
• Page 1 of 1
Return to Public RAIDiator Beta for ReadyNAS NV+/Duo/1100
Who is online
Users browsing this forum: No registered users and 4 guests