Combined use of samba cvs main and SAMBA_TNG

Jeremy Allison jeremy at
Mon Jan 3 23:12:43 GMT 2000

Luke Kenneth Casson Leighton wrote:

> the cvs main smbd will automatically check for the msrpc services running
> [from the SAMBA_TNG branch].  if it doesn't find them, cvs main smbd will
> fall back to using its own, internal msrpc code.

Unfortunately I'm not *amazingly* happy with the code
changes as they seem to be a bit big and touch a lot of

I note that when you open the pipe in the lock directory
you do *no* permissions checking to ensure that this pipe
was created by a root level process. 

Passing off authentication requests to whichever process
created the pipe may be considered, well, suspect.

I'm not sure the code you wrote is a security problem, but
I need to think about potential exploits and be concerned
here I think.

I'm not going to revert the changes you made, I'm going
to let Andrew take a look and decide first, as he is 
officially in charge of HEAD.

Please don't put these changes into the 2_0_X branches


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list