Proposal for changes in become root
Ralph Boehme
slow at samba.org
Mon Apr 22 10:30:16 UTC 2024
Hi Xavi
On 4/22/24 11:11, Xavi Hernandez via samba-technical wrote:
> What do you think ?
the future plan is to move the impersonation to the VFS by passing an
abstract impersonation object to all VFS functions and then let the VFS
modules do the impersonation.
metze and I have designed and implemented 75% of what would be needed here:
<https://git.samba.org/?p=slow/samba.git;a=shortlog;h=refs/heads/impersonation>
The top commit has a few notes and TODO.
<https://git.samba.org/?p=slow/samba.git;a=blob;f=Impersonation_Plan.org;h=ea6fe04825ec57ba4c0a7e6476255129e3f3133a;hb=f4ca9ebfc1269bbe7c3319eb991e1d0ea44a08a9>
This is probably not what you were asking for, but I'm afraid tunneling
become_root() through the VFS would further complicate the current logic
and also doesn't allow avoiding all impersonation changes, eg the logic
around change_to_user_and_service_by_fsp() and
become_user_without_service_by_fsp().
See also the recent problems caused by trying to use capabilities
instead of become_root(). Adding more logic to this is going to
massively hurt us in the long run.
Just throwing this out quickly here, we can provide more details and
help with the design, rebase or answer any questions you may have.
-slow
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20240422/61324189/OpenPGP_signature.sig>
More information about the samba-technical
mailing list