generic ACL interface (RFC)

Luke Kenneth Casson Leighton lkcl at switchboard.net
Thu Jul 29 18:38:34 GMT 1999


On Thu, 29 Jul 1999, Jeremy Allison wrote:

> Luke Kenneth Casson Leighton wrote:
> 
> > how can group "y" be "associated" with a process [owned by user x]?
> 
> Group 'y' is in the current list of groups attached to the
> process data structure in the kernel. That's how.
> 
> > *sigh*...  ok.... hmmm... it's different in nt: processes inherit security
> > contexts, but the security context contains a single SID (methinks...)
> > which can represent SYSTEM, user, group, alias etc.
> 
> Nope. The security context of a process (known as the
> 'token' in NT) contains a *list* of SIDs. One is the
> process primary SID (user SID), one is a process group-primary
> SID (treated no differently than any other group SID in NT, but
> treated as the primary  group SID by the NT POSIX subsystem) and
> the rest are the list of group-SIDs that the user is in.

excellent, thx for info, jeremy.
> The two security models are quite similar, except that
> (as usual) NT makes it *much* more complicated by adding
> things like "impersonation tokens", which are really just
> ways of associating more than one uid/group[array] structure
> with a process and allowing the process to swap between them
> at will (but only if the secondary structure was given to the
> process by a 'valid' method, ie. via the kernel or from some
> other process).
> 
> This is why I don't want to duplicate this dogs-dinner
> on UNIX in Samba :-).

implementing that sort of thing [impersonation tokens]?  no thanks!

a "simplified" version that covers all we need.  acceptable?

luke
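The point Jeremy makes above, that both models attach a list of principal identifiers to a process and an access check just asks whether any of them is named by an ACL entry, as an added illustration that is not Samba code or part of the original thread. The ids, SID strings and permission bits are constructed placeholders; the ACL here has allow entries only (no NT-style deny ACEs, no impersonation tokens).

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

#define MAX_IDS 8
#define PERM_READ  1u
#define PERM_WRITE 2u

/* Constructed model: the principals attached to a process. For UNIX this is
 * uid + gid + supplementary gids; for NT it is the token's user SID,
 * primary-group SID and group SIDs. Either way it is a list of opaque ids. */
struct token {
    const char *ids[MAX_IDS];
    size_t n;
};

/* Simplified ACL entry: a principal id and the permission bits it allows. */
struct ace {
    const char *id;
    unsigned allow;
};

/* Is this id among the ids attached to the process? */
static bool token_has_id(const struct token *t, const char *id) {
    for (size_t i = 0; i < t->n; i++)
        if (strcmp(t->ids[i], id) == 0) return true;
    return false;
}

/* Union of the allow bits of every ACE that names one of the token's ids;
 * access is granted only if every requested bit is covered. */
bool acl_check(const struct token *t, const struct ace *acl, size_t nace,
               unsigned want) {
    unsigned granted = 0;
    for (size_t i = 0; i < nace; i++)
        if (token_has_id(t, acl[i].id)) granted |= acl[i].allow;
    return (granted & want) == want;
}

/* UNIX case: user x whose process carries group y; ACL grants y read only. */
bool example_unix_group_read(void) {
    struct token proc = { { "uid:x", "gid:y" }, 2 };
    struct ace acl[] = { { "gid:y", PERM_READ } };
    return acl_check(&proc, acl, 1, PERM_READ) &&
           !acl_check(&proc, acl, 1, PERM_WRITE);
}

/* NT case: same check, but the process token is a list of (placeholder) SIDs. */
bool example_nt_token_read(void) {
    struct token tok = { { "S-user-x", "S-group-y", "S-everyone" }, 3 };
    struct ace acl[] = { { "S-group-y", PERM_READ } };
    return acl_check(&tok, acl, 1, PERM_READ) &&
           !acl_check(&tok, acl, 1, PERM_WRITE);
}
```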