Menu
What's new
By:
Filters Better Search

Samba guest access warning

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Status
Not open for further replies.
V

vrapp

Senior Member
About 2 builds ago, new warning came up in admin interface for Samba:

By enabling [ Allow guest login ], any user in local network can access your network place(Samba) without authentication!

When guest access is allowed, this also shows warning exclamation mark in the header of every page.

attachment.php


But this is not quite "without authentication". While it's true that there's no per-user authentication for the ahre itself, LAN users were de-facto authenticated by giving them the wireless key. Users on the guest network, if it's enabled, are isolated and don't see SAMBA share. External users don't see it either.

It's certainly no big deal, but would be better without this yellow warning all the time.
 

Attachments

  • Capture-06-08-00001.png
    Capture-06-08-00001.png
    22.2 KB · Views: 1,932
vrapp said:
About 2 builds ago, new warning came up in admin interface for Samba:

By enabling [ Allow guest login ], any user in local network can access your network place(Samba) without authentication!

When guest access is allowed, this also shows warning exclamation mark in the header of every page.

attachment.php


But this is not quite "without authentication". While it's true that there's no per-user authentication for the ahre itself, LAN users were de-facto authenticated by giving them the wireless key. Users on the guest network, if it's enabled, are isolated and don't see SAMBA share. External users don't see it either.

It's certainly no big deal, but would be better without this yellow warning all the time.
Click to expand...

The warning is accurate. It IS without authentication. That means anyone can plug into a router Ethernet port, and gain full access to the Samba shares.

Samba authentication has nothing to do with wireless authentication.
 
For those who use their router at home when nobody else can connect to a lan port, better to have an option to disable this notification. For example if I want to make samba share accessible without password - I already know that it's not secure and no need to see that message

It's a little annoying really, but not critical :)
 
just curious merlin? do you even use this mode.

i 100% agree with the OP that warning makes about 0 sense. the settings is there so it can be set. if i set it on tomato it doesnt warn me, whats the problem with that? no one likes flashing warning for settings there purposely set

that being said. the ONLY people that should decide whether the feature should be there or not is the people who use it. i used it the other day then went back to tomato, and i didnt like that annoying pop-up. i dont think anyone who actually regularly uses the feature would like it....

the only time this feature could be useful. is saving you (merlin) the hassle of having someone bug you that someone could access there nas when they thought they couldnt. in which case you would reply "maybe you should learn about the feature your using before you use it"
 
Last edited:
RMerlin said:
That means anyone can plug into a router Ethernet port, and gain full access to the Samba shares.
Click to expand...

I still think that the warning at the time when I enable it, should be sufficient. I acknowledge by clicking OK, so I take responsibility.

I'd think, the number of environments where just anybody can walk up to the router with their own Ethernet cable in hand, and plug in, is.... very limited. If they can do that, they probably would simply pull out usb cable from the router and plug into their laptop; or even easier, steal the whole drive...

You know that the warnings are excessive when people start posting the CSS to hide all warnings...
 
Last edited:
connorm said:
just curious merlin? do you even use this mode.

i 100% agree with the OP that warning makes about 0 sense. the settings is there so it can be set. if i set it on tomato it doesnt warn me, whats the problem with that? no one likes flashing warning for settings there purposely set
Click to expand...

Just like anonymous FTP access is there too, and everyone raised Hell about it when it was left as the default setting by Asus, a lot of people having never taken the time to check what options were enabled/disabled. This is what led them to the addition to this notification icon.

It's just an icon. I don't see why people would get worked out about its presence. A lot of people simply don't know what they are doing, and randomly enable/disable option. This warning is there to ensure that those people don't leave their router wide open by accident.
 
There is a yellow notification near Allow guest login checkbox:

By enabling [ Allow guest login ], any user in local network can access your network place(Samba) without authentication!

Isn't enough? Every fool will see this.

By the way, with this "!" in webui, everyone who see it will understand that I have unsecured samba share and use this 'info leak' in their evil plans.
 
Marsi4eg said:
By the way, with this "!" in webui, everyone who see it will understand that I have unsecured samba share and use this 'info leak' in their evil plans.
Click to expand...

Now you are splitting hair. First, that notification scheme is used for multiple purposes by the firmware, not just for share access. And second, do you regularly access the webui in front of guests whom you do not trust? They can also see your WAN IP on that same page, while at it...
 
Ok, that last string of my message was a joke :)

But will be really nice to see an option to disable such notifications for advanced users
 
Marsi4eg said:
Ok, that last string of my message was a joke :)

But will be really nice to see an option to disable such notifications for advanced users
Click to expand...

Does the notification do anything beside showing an icon (i.e. is the popup shown automatically, or only if you click on it)? If the popup is automatically shown then I agree, it can be annoying, and I will consider adding an option to disable it. However if it's just an icon, then it's no worse than, for example, your antivirus icon showing a different color if you disabled parts of its protection.
 
I understand both positions, I don't like the exclamation mark, too and I think it's very excessive. FTP anonymous warning should only appear when enabling FTP over WAN and no security. SMB warning should never appear or only a single warning when disabling login.
Anyway I think I can stand that yellow exclamation mark even if it is quite irritating since it shouldn't be there..
 
I've removed the posts that were containing name-calling and personal attacks. Please keep the discussion civil, or else I will simply lock this thread.
 
Thread locked

Enough. Points have been made. Thread locked
 
Status
Not open for further replies.

Similar threads

L
Guest Network and Double NAT
Replies
6
Views
558
ljg1000
L
N
Help with access to SMB drive on ASUS router
Replies
15
Views
3K
sfx2000
sfx2000
TheLostSwede
ASUS Unveils RT-BE88U WiFi 7 Dual-Band Router
2 3 4
Replies
71
Views
7K
TheLostSwede
TheLostSwede
L
"Fun" with SAMBA on XT8 Mesh LAN (It's not working!)
2
Replies
24
Views
2K
LouisRedux
L
mmseng
Disabling "Access Intranet" on RT-AX86U guest network causes IoT devices on primary network to repeatedly disconnect
2
Replies
32
Views
3K
mmseng
mmseng
Similar threads
Thread starter Title Forum Replies Date
D Solved Samba, LACP & WireGuard. Question. Asuswrt-Merlin 5
muffintastic Cannot Stream from Router - Samba Problem Asuswrt-Merlin 2
S samba share from router-attached HDD Asuswrt-Merlin 2
E Struggling with Samba / UPnP Asuswrt-Merlin 4
eddiec repeater mode and samba share/cloud disk questions Asuswrt-Merlin 1
A Share /tmp syslog dir over Samba Asuswrt-Merlin 11
SevenFactors Clients Unable to Connect to Guest Network After Firmware Upgrade Asuswrt-Merlin 2
H changed AC68U to AX86U Pro, same guest network setting but all devices gone? Asuswrt-Merlin 11
D Creating an ethernet guest network Asuswrt-Merlin 5
S Network printer no longer available after activating Guest networks Asuswrt-Merlin 18

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 578 (members: 15, guests: 563)
Top