Samba under Coherant and Macintosh
Luke Kenneth Casson Leighton
lkcl at samba.org
Sun Dec 19 21:22:27 GMT 1999
> > i was hoping not to have to do this _quite_ just yet and to use a
> > simplified model, first.
> you'd need it anyway, as become_user() would never have protected any
> of your data structures. So if there are data structures that can only
> be accessed as particular users then you need access control code. The
> underlying OS can't help with that because it doesn't know anything
> about those data structures.
the plan is to use that function i keep mentioning: it takes a user sid,
array-of-groups all as identification info as the first argument(s), an
access mask as the second (READ_ACCESS_REQUESTED | WRITE_ACCESS_REQUESTED
or FULL_CONTROL), and a security descriptor as the third.
it checks the security descriptor components.
for each pipe, for each function, for each info level (and i believe that
there is a basic mapping for these, i'll describe in a bit) you keep a
hard-coded security descriptor.
it's going to be a lot of work. there are well over a hundred locations
where this function needs to be called, so i hope to automate the process
add an extra field to the "opcode"-array in each of the files srv_*.c.
regarding the info levels, i think it goes something like this:
if (info_level % 10 == 0 or 1 && info_level < 1000)
if (info_level % 10 == 2 && info_level < 1000)
if (info_level >= 1000)
etc etc, you get the picture.
there are cases for levels at 0-10, 10X, 40X, 50X and 100X that need to be
examined in the MSDN to confirm this empirical observation.
then, you can just pass the info level to a function in order to obtain
the right security descriptopr.
i know what to do, it's just going to be a lot of work.
More information about the samba-technical