Package: swat
Version: 2:3.2.1-1
Severity: minor
This is part of a set of related bugreports on the packages in the
Samba suite; I've already reported many of these issues (with some
suggested fixes) as a single bugreport on samba4 (see #486370), but
since that approach is a dud I'm trying the alternative of splitting
them up and targetting individual packages.
Current package description:
# Description: Samba Web Administration Tool
# The Samba software suite is a collection of programs that
# implements the SMB/CIFS protocol for unix systems, allowing you to serve
# files and printers to Windows, NT, OS/2 and DOS clients. This protocol
# is sometimes also referred to as the LanManager or NetBIOS protocol.
# .
# This package contains the components of the Samba suite that are needed
# for Web administration of the Samba server.
# .
# SWAT will rewrite the smb.conf file. It will rearrange the entries and
# delete all comments, include= and copy= options. If you use a carefully
# crafted smb.conf, you should probably avoid using SWAT.
Problems shared with other packages in the set:
* Samba is all about OS interoperability, so keep the OS names
straight. It's not just for "unix systems", it's also for
GNU/Linux! Likewise, "Windows, NT, OS/2 and DOS clients"...
NT is also Windows, and Samba works for (smbclient on)
OpenVMS too!
* the SMB/CIFS protocol is only referred to as "the LanManager or
NetBIOS protocol" by people copying this text.
Problems unique to this package:
* capitalising the W in "web administration" implies "World Wide
Web", which... oh, hang on.
I was assuming a default install of SWAT would only be accessible
from localhost, but in fact there's no sign of any access
restrictions. This would imply that the package description ought
to include some kind of extra warning about connections to
http://hostaddress:901 sending your root password over the wire in
the clear...
And if the rationale for the "wontfix" tag on bug #330490 is that
SWAT is moribund, this fact should also be prominently documented.
Suggested replacement text:
| Description: Samba Web Administration Tool
| The Samba software suite implements the SMB/CIFS protocol, providing
| cross-platform support for Windows-style network shares.
| .
| This package gives a Samba server an administrative interface accessible
| via a web browser.
| .
| SWAT is no longer actively maintained, and its default configuration is
| not secure for use over an untrusted network. You should also avoid
| using it if you have a carefully crafted Samba configuration file; SWAT
| will rewrite smb.conf, rearranging the entries and deleting all comments
| as well as include= and copy= options.
--
JBR - please CC me (or the debian-l10n-english list) in replies
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
