Over the easter weekend I have decided once again to setup my network just the way I like it. Up to this point everything is going well, the Samba shares on the linux machines are at last accessible through the firewall and the Linux machines can access the Windows shares. Now the problems start.
It's all well and good being able to share the files but I want to restrict access to just me. The linux machines allow this to be done very simply in the configuration of the shares in smb.conf. XP Home on the other hand has none of this, it has "Simple File Sharing". This Simple File Sharing (SFS) is as it sounds, simple. It is to allow the users in the home to share a few files amongst machines and it achieves this. The major drawback is that it doesn't allow for any restriction of the share, its either available or it isn't.
Given the fact that the people attempting to use SFS probably have a weak or unsecured network this is a big mistake. XP Pro also has SFS but this can be disabled for "Advanced" sharing controls. Microsoft have basically released a crippled product whilst at the same time making it insecure. A novice user can in a few clicks share the C: drive and even make it writeable. If this novice user put the machine, a laptop perhaps, on a public network they could allow anybody access to copy/modify their system. There is a point at which things become too simple for their own good.
I am now posed with a problem I have spent alot of time and effort configuring my Linux machines to be very tightly secured with custom firewalls on each, do I really want XP Home to be the weak point? It's time for a rethink of my approach to the problem, ridding myself of XP Home or any version of Windows for that matter may ultimately be the best solution.