security review of authorise_login() requested (or an explanation :)

Luke Kenneth Casson Leighton lkcl at
Tue Feb 8 00:38:45 GMT 2000

hi, why is authorise_login() doing a check for a previously registered
guest username, and then if this succeeds, setting the guest status to
True without reinitialising any other info?

i mean, is it _ok_ to reuse user_structs like this?

yours, confused,


<a href="mailto:lkcl at"   > Luke Kenneth Casson Leighton    </a>
<a href=""> Samba and Network Development   </a>
<a href=""        > Samba Web site                  </a>
<a href=""      > Internet Security Systems, Inc. </a>
<a href=""          > Macmillan Technical Publishing  </a>

 ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals

More information about the samba-technical mailing list