generic ACL interface (RFC)

Luke Kenneth Casson Leighton lkcl at
Thu Jul 29 18:38:34 GMT 1999

On Thu, 29 Jul 1999, Jeremy Allison wrote:

> Luke Kenneth Casson Leighton wrote:
> > how can group "y" be "associated" with a process [owned by user x]?
> Group 'y' is in the current list of groups attached to the
> process data structure in the kernel. That's how.
> > *sigh*...  ok.... hmmm... it's different in nt: processes inherit security
> > contexts, but the security context contains a single SID (methinks...)
> > which can represent SYSTEM, user, group, alias etc.
> Nope. The security context of a process (known as the
> 'token' in NT) contains a *list* of SIDs. One is the
> process primary SID (user SID), one is a process group-primary
> SID (treated no differently than any other group SID in NT, but
> treated as the primary  group SID by the NT POSIX subsystem) and
> the rest are the list of group-SIDs that the user is in.

excellent, thx for info, jeremy.
> The two security models are quite similar, except that
> (as usual) NT makes it *much* more complicated by adding
> things like "impersonation tokens", which are really just
> ways of associating more than one uid/group[array] structure
> with a process and allowing the process to swap between them
> at will (but only if the secondary structure was given to the
> process by a 'valid' method, ie. via the kernel or from some
> other process).
> This is why I don't want to duplicate this dogs-dinner
> on UNIX in Samba :-).

implementing that sort of thing [impersonation tokens]?  no thanks!

a "simplified" version that covers all we need.  acceptable?


More information about the samba-technical mailing list