SYSKEY, TNG freeze, 2.0.x->TNG merge and other thoughts
Luke Kenneth Casson Leighton
lkcl at samba.org
Wed Feb 9 19:12:45 GMT 2000
On Wed, 9 Feb 2000, Nicolas Williams wrote:
> But look, if Luke wants to put become_user()/unbecome_user() calls in
> his code, they'll amount to nothing in most cases and so there will be
> no isse; someday someone will notice the utter uselessness of those
the way that NT does it is to provide a user security context for the
daemon to switch to _if_ they so desire.
i'd *prefer* to switch _to_ the user context, allowing the daemon to
switch back to its default context (root) if it so desires.
> - possibly a false sense of security
> - possibly complicate any attempt to multi-thread those daemons
> Now, my hands hurt, so I'll drop out of all of this for a while.
> Oh, and, as for SYSKEY, I just realized yesterday that SYSKEY and
> similar systems are going to be specific to each SAM database backend
> implementation, not generic to Samba. E.g., Luke Howard's SAM with LDAP
> with Windows 2000 schema will likely need to implement Microsoft's
> system, not Luke's. So if Samba is to have its own SYSKEY system it
> should really just be a library for some, not all, SAM implementations
> to use.
YES! of course it is!
additionally, it's user-configureable option, so what's everyone's
> Also, as for which TNG ideas to keep in a merge to a stable branch,
> IMNSHO (I stress the 'NS' bit :):
> - Modular MSRPC external to SMBD using localhost IPC for communication
> between SMBD and MSRPC daemons, including the latest PID/VUID and
> standard_sub_vuser() stuff we've been talking about.
> - Marshalling/Unmarshalling code separated from the implementation
> functions. Preferably the MSRPC daemons should consist only of the
> marshalling/unmarshalling functions and should dlopen() the shared
> object that contains the implementation functions; this would allow
> SAM/LSA/NETLOGON implementation options be configurable via smb.conf
> instead of just compile-time options.
that's the intent.
> - Multiple SAM backends (only one can run at a given time, of course).
> This capability is a result of the above two items. Same thing with
> LSA and NETLOGON implementations.
More information about the samba-technical