TNG 0.7 - can't join domain
Sander Striker
s.striker at striker.nl
Tue Feb 29 18:23:20 GMT 2000
>damn, damn - ok, i bet the two are related.
>
>ok.
>
>become_root()
>...
>become_root()
>...
>unbecome_root() - really does unbecome root
>...
>samr_drect_query_userinfo() - fails because it's not root
>...
>unbecome_root() - fails because we're already non-root.
>
>dammit.
>
>i'm not certain as to how to eliminate this, because according to some
>people we should _only_ be running as root, which is a security risk if we
>do it at the moment because there is no checking otheerwise on file access
>inside the msrpc code.
I guess people are suggesting running as root and when doing file access
checking something like:
become_user(); check_access(file); unbecome_user();
>i could "fix" this by doing an increment on become_root() instead of
>root_depth = 1 do root_depth++...
For now, and for me personally, this is a good fix. Make sure to keep
it all symmetric though. It's very easy to forget an unbecome_root() :-)
Sander
More information about the samba-ntdom
mailing list