Samba under Coherant and Macintosh

Luke Kenneth Casson Leighton lkcl at
Sun Dec 19 21:22:27 GMT 1999

> > i was hoping not to have to do this _quite_ just yet and to use a
> > simplified model, first.
> you'd need it anyway, as become_user() would never have protected any
> of your data structures. So if there are data structures that can only
> be accessed as particular users then you need access control code. The
> underlying OS can't help with that because it doesn't know anything
> about those data structures.

the plan is to use that function i keep mentioning: it takes a user sid,
array-of-groups all as identification info as the first argument(s), an
or FULL_CONTROL), and a security descriptor as the third.

it checks the security descriptor components.

for each pipe, for each function, for each info level (and i believe that
there is a basic mapping for these, i'll describe in a bit) you keep a
hard-coded security descriptor.

it's going to be a lot of work.  there are well over a hundred locations
where this function needs to be called, so i hope to automate the process

add an extra field to the "opcode"-array in each of the files srv_*.c.

regarding the info levels, i think it goes something like this:

if (info_level % 10 == 0 or 1 && info_level < 1000)
	return security_descriptor_everyone;
if (info_level % 10 == 2 && info_level < 1000)
	return security_descriptor_authenticated_user;
if (info_level >= 1000)
	return sd_admins;

etc etc, you get the picture.

there are cases for levels at 0-10, 10X, 40X, 50X and 100X that need to be
examined in the MSDN to confirm this empirical observation.

then, you can just pass the info level to a function in order to obtain
the right security descriptopr.

i know what to do, it's just going to be a lot of work.


More information about the samba-technical mailing list