SYSKEY, TNG freeze, 2.0.x->TNG merge and other thoughts

Luke Kenneth Casson Leighton lkcl at
Wed Feb 9 19:12:45 GMT 2000

On Wed, 9 Feb 2000, Nicolas Williams wrote:

> But look, if Luke wants to put become_user()/unbecome_user() calls in
> his code, they'll amount to nothing in most cases and so there will be
> no isse; someday someone will notice the utter uselessness of those

the way that NT does it is to provide a user security context for the
daemon to switch to _if_ they so desire.

i'd *prefer* to switch _to_ the user context, allowing the daemon to
switch back to its default context (root) if it so desires.

>  - possibly a false sense of security
>  - possibly complicate any attempt to multi-thread those daemons
> Now, my hands hurt, so I'll drop out of all of this for a while.
> Oh, and, as for SYSKEY, I just realized yesterday that SYSKEY and
> similar systems are going to be specific to each SAM database backend
> implementation, not generic to Samba. E.g., Luke Howard's SAM with LDAP
> with Windows 2000 schema will likely need to implement Microsoft's
> system, not Luke's. So if Samba is to have its own SYSKEY system it
> should really just be a library for some, not all, SAM implementations
> to use.

YES!  of course it is!

additionally, it's user-configureable option, so what's everyone's
> Also, as for which TNG ideas to keep in a merge to a stable branch,
> IMNSHO (I stress the 'NS' bit :):
>  - Modular MSRPC external to SMBD using localhost IPC for communication
>    between SMBD and MSRPC daemons, including the latest PID/VUID and
>    standard_sub_vuser() stuff we've been talking about.
>  - Marshalling/Unmarshalling code separated from the implementation
>    functions. Preferably the MSRPC daemons should consist only of the
>    marshalling/unmarshalling functions and should dlopen() the shared
>    object that contains the implementation functions; this would allow
>    SAM/LSA/NETLOGON implementation options be configurable via smb.conf
>    instead of just compile-time options.

that's the intent.
>  - Multiple SAM backends (only one can run at a given time, of course).
>    This capability is a result of the above two items. Same thing with
>    LSA and NETLOGON implementations.


More information about the samba-technical mailing list