FW: Speed comp. TNG & 2.2.alpha (fwd)

Cole, Timothy D. timothy_d_cole at md.northgrum.com
Wed Feb 28 15:39:22 GMT 2001


> -----Original Message-----
> From:	Peter Samuelson [SMTP:peter at cadcamlab.org]
> Sent:	Tuesday, February 27, 2001 21:16
> To:	Steve Langasek
> Cc:	Andrew Bartlett; Luke Kenneth Casson Leighton; Multiple recipients
> of list; Samba NT Domains Mailing List; tng-users at lists.dcerpc.org
> Subject:	Re: FW: Speed comp. TNG & 2.2.alpha (fwd)
> 
> 
> [Steve Langasek]
> > and mangle them by appending a non-printable character to the group
> > name returned?
> 
> Hmmm, interesting thought.  The above is a way of "tricking" the NT
> end-user into thinking the user and group are equivalent, while not
> tricking the system -- and as such its efficacy depends on the
> like-named user and group actually being semantically equivalent, for
> human purposes.
> 
> I think I sort of like Andrew's proposal better -- ignore the duplicate
> group names entirely w/r/t sending and receiving security descriptor
> information.  (NT doesn't require it, since unlike Unix it doesn't
> assume that every file has a group.)  If the client wants to change the
> ACL of a file to have no groups in it, you can use the default
> nobody-group ('nogroup' on my Linux box).
> 
	I think a more practicable approach (as NT, lacking a terminal
metaphor, doesn't really have the notion of 'non-printable' characters
(you'll get boxes/blibbets), unless you want to play some Unicode-only
games) would be to consistently prefix all unix group names with '@' by
default.  It's simple, it's consistent, and I think it works.






More information about the samba-ntdom mailing list