TNG 0.7 - can't join domain

Sander Striker s.striker at striker.nl
Tue Feb 29 20:37:09 GMT 2000


Hi,

>> I guess people are suggesting running as root and when doing file access
>> checking something like:
>>   become_user(); check_access(file); unbecome_user();
>> 
>	*cough* race conditions *cough*

heh heh

>	[ btw ... access(2) does NOT necessarily reflect the actual access
>you will get under all circumstances anyway ]
>
>	Anyway, if you take the root-unless-doing-file-access route, you
>really should do:
>
>	 become_user(); do_stuff_to_file_here_and_now(); unbecome_user();
>
>	Honestly, though, in a daemon that very rarely actually does
>anything on behalf of a particular user, it might make more sense to just
>run as some no-access user most of the time (still have to start as root,
>though), and treat root as just another user to become (externally).
>internally, it'd be something like (pseudocode):
>
>	 void push_security_context(uid_t uid) {
>	   do_push_security_context(); /* saves old uid, groups, etc */
>	   setuid(0); /* switch back to root */
>	   do_init_security_context(uid); /* initgroups, setuid(), etc */
>	 }
>
>	 void pop_security_context() {
>	   setuid(0); /* switch back to root */
>		do_pop_security_context(); /* restores old uid, groups, etc
>*/
>	 }

Hey, I agree with you. It's only that the discussion on how Luke's
daemons should be run, is going on like for ages now... I'm just
summarizing what the majority has said in my opinion.

Sander





More information about the samba-ntdom mailing list