CVS update: samba/source/smbd
Luke Kenneth Casson Leighton
lkcl at samba.org
Fri Jun 9 11:17:22 EST 2000
On Thu, 8 Jun 2000, Jeremy Allison wrote:
> Luke Leighton wrote:
>
> > added a NET_USER_INFO_3 struct to user_struct.
> >
> > register_vuid fills it with constructed info.
>
> Luke,
>
> I really don't like this code. Call me please as I
> intend to change it.
>
> We don't want a full NET_USER_INFO_3 in the vuid structs,
> as most of this info is never used in file/print serving
> and is complete baggage.
not so. take a look at smbd/lanman.c in api_NetWkstaGetInfo. the info
returned there is that which was obtained from a call to
domain_client_validate() - namely the contents of the NET_USER_INFO_3
structure.
> It also takes *no* account of the fact that the UNIX group
> list may be far larger than the available SID list in the
> NET_USER_INFO_3 struct and will happily overwrite memory
> *without checking*.
well that can be fixed by #defining LSA_MAX_GROUPS to NGROUPS_MAX, then,
can't it??
at present, they happen, and i was quite happy to assume, that they were
both #defined to 32.
> a dynamic
> array of SIDs is what should be used.
yeah, particularly as that's exactly what i have to construct, in
se_access_check().
> I'm also not pleased about the DEBUG(0,) calls that need
> removing.
they were there because andrew specifically requested that anything like
that be added, so it doesn't take him several hours to find, and yes, of
course they need to be removed -- once
> It also breaks the design of how smbd will be looking up
> SIDs by doing a lookupsids(user_name) and lookupsids(group_name)
> call to winbindd if it is running, and an internal mapping
> if not. smbd/passwd.c is the wrong place to do this.
we don't have those calls available right now - and they should not be by
name but by uid/gid -
More information about the samba-cvs
mailing list