new parameter: "secure include"

Dan Kaminsky effugas at best.com
Thu Jun 10 19:13:57 GMT 1999


> 
> >In the theme of what Andy and I are working on, it *MIGHT* be cleaner to
> >create an "include command" option that would offload permissions checking
> >/ live parameter generation to an arbitrary script.  That way, *any*
> >security policy could be implemented.
> 
> I do like that idea.  Would you propose this in addition to "secure
> include"?  My thinking is, have what the permissions I have now be the
> default, but if "include command" != NULL, then check those inside of
> "secure include" instead.

My thinking is to *replace* secure include(which is a great stopgap) with
a command that allows the admin to dynamically generate their includes
and/or evaluate new includes.  So, for example you could have only certain
parameters allowed, certain groups, username that exists in an arbitrary
text file, etc.

This is all related to some new stuff I'm documenting up, so that's where
this comes from.  Basically, hardcoding things like "security" is very
dependant on what one specific site defines as security...

How many websites wish they could do "secure = 1" and be done with it...
 
You could have as many include commands as you wanted, just as you can
now.  Might be some need to define what goes into each variable though.



More information about the samba-technical mailing list