SYSKEY, TNG freeze, 2.0.x->TNG merge and other thoughts
James Sutherland
jas88 at cam.ac.uk
Thu Feb 10 07:54:26 GMT 2000
On Thu, 10 Feb 2000, Luke Kenneth Casson Leighton wrote:
> > Yes, and there are reasons why HKLM\SAM is NOT a directory with up to 100
> > 000 files in it - even Macrosoft code isn't THAT inefficient (usually).
> > It's a file (registry hive), with access control implemented by the only
> > process allowed to access it.
>
> bad example to pick.
>
> 1) the SAM is loaded into memfrom what i can tell, at start-up time. i
> may be wrong about this.
On boot, the security subsystem runs through building up various lookup
tables (presumably an index), but the file on disk is always open.
> 2) the registry is implemented at the kernel level, for "speed"
> optimisations. this results in me being able to modify rpcclient and take
> out an NT box with a blue-screen if i have an "authenticated user" SMB
> connection (guest, user, admin but not anon-connect).
Irrelevant - unless you were planning on incorporating the NT kernel into
Samba?! That is just a bug/implementation issue with NT - nothing to do
with the concept of storing data in a database the user can't get to
directly...
James.
More information about the samba-technical
mailing list