widelinks && performance
Andrew Tridgell
tridge at samba.org
Wed Apr 14 13:03:23 GMT 1999
> Not if we fork() a process, chroot() only the child, that starts to
> listen to requests, while it uses a pipe to its parent to request for
> logging and locking.
I'd rather not do this as I don't think the problem warrents such a
drastic solution. Large slabs of Samba would have to be rewritten to
handle a chrooted environment, just think about printing, NIS+,
localtime mapping, the browsing files and any number of other
complexities.
I don't mind a few line change to make widelinks=no work faster, but a
wholesale rewrite just isn't justified. Setting widelinks=no is for
paranoid people. It doesn't actually add any security to Samba which
is why it is off by default. If users had the ability to create
symlinks over SMB connections then I'd be more worried, but as it is I
think a minimal fix is needed.
Cheers, Tridge
More information about the samba-technical
mailing list