FW: Speed comp. TNG & 2.2.alpha (fwd)
Luke Kenneth Casson Leighton
lkcl at samba-tng.org
Mon Mar 12 11:39:32 GMT 2001
On Mon, 5 Mar 2001, Elrond wrote:
> On Tue, Mar 06, 2001 at 12:08:50AM +1100, Luke Kenneth Casson Leighton wrote:
> [...]
> > > Of course the other way round will get interesting, what
> > > happens, if we have a file with a GID, that SURS does not
> > > known about...
> >
> > that's a system configuration error.
> >
> > what happens on unix when you ave a file owned by a uid or a gid that
> > isn't in /etc/passwd or /etc/group?
> >
> > 1) ls -al shows numbers not names
> >
> > 2) only root can change ownership of the file.
> >
> > well, we can't do an equivalent to 1) in the "unknown" circumstances, with
> > SURS. so throw an error: let the app deal with it [access denied].
>
> Okay, that sounds reasonable, somewhat.
>
> Bad, there's no "nobody"-SID on NT...
they have the concept of guest account.
enabling the guest account allows users without accounts to log in and
become the guest, even without a password. a bit like "map username" but
on a smaller scale.
adding a password to the guest account requires that anyone can log in as
any username but they must know the guest password. they become guest,
regardless of username they type in.
> (For ACLs, we can simply "ignore" unknown GIDs/UIDs, but
> for owner/group of a file, we can't. I guess, NT wont like
> it, if it requests that info and we return a NULL-ptr in
> the SD, or will it like that?)
a NULL-ptr SD means "full permissions, including the right to take
ownership"!
:) :)
----- Luke Kenneth Casson Leighton <lkcl at samba-tng.org> -----
"i want a world of dreams, run by near-sighted visionaries"
"good. that's them sorted out. now, on _this_ world..."
More information about the samba-ntdom
mailing list