Mounting to Windows share with domain user w/o password !?
Hi ,
I found weird mount.cifs behavior .
Having RHEL 5.6 . One Linix user successfully mount his Windows host share locally with the following command :
#sudo /bin/mount -t cifs //windows-host-name/share-name mount_point -o username=domain-name/user1
Since in our LAN Windows hostname reminds Windows account ( 8 characters) another user – say user2 after listing existing mounts may easily guess Windows account and as a result successfully mount user1’s Windows share without password !
As user2 :
##sudo /bin/mount -t cifs //windows-host-name/share-name mount_point -o username=domain-name/user1
#Password:
In both commands windows-host-name and share-name are the same
Any ideas ?
|