Security Identifier (SID) to User Identifier (uid) Resolution System

Luke Kenneth Casson Leighton lkcl at samba.org
Wed Jan 5 01:13:12 GMT 2000


> 	Well, I said what I did under the assumption that there would be no
> mapping from -2 back to any SID (i.e. the mapping function would fail).

the mapping from SID to unknown uid MUST fail.  the mapping from uid to
unknown SID MUST fail.

> 	The only reason for mapping to nobody is that it has to map to
> SOMETHING as far as POSIX is concerned.  If you stat() such an object, and
> you simply have no mapping for its SID to fill out the st_uid field with,
> it's basically a choice of either root or nobody.  Nobody really does mean
> nobody, so it really oughtn't map back to an SID at all.

what's wrong with failing the stat(), or other file operation if the
mapping function (either way) fails?

> 	I don't think creating a mapping on-the-fly is appropriate in the
> kernel, because that's heavily a policy decision (i.e. some range of uids
> must be allocated, etcetera).  Now, the one sticky bit (no pun) is what you
> do if you have a whole slew of SIDs on the disk that aren't otherwise
> already known to your system -- I don't know quite what to do about that
> case.  I'd tend to think you'd have a similar situation on an NT box,
> though.

yep.  those are "deleted" sids, or the trusted domain relationship failed,
or someone's been messing with a sam db.  etc.
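The rule argued for in this message (an unknown SID must not be mapped to uid -2/nobody, the reverse lookup of an unmapped uid must fail too, and the stat() that depends on the mapping fails with it) as an added example in C. This is not Samba code or kernel code; the table, the SIDs and the uids in it are constructed for illustration, and `stat_owner_by_sid` is a hypothetical stand-in for the file operation.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/types.h>

/* Added example, not Samba's mapping layer: a strict SID<->uid table in
 * which every lookup either succeeds exactly or fails with ENOENT.
 * Nothing is ever mapped to the "nobody" placeholder. */

#define NOBODY_UID ((uid_t)-2)   /* the -2 placeholder the thread argues against */

struct sid_map_entry {
    const char *sid;   /* textual SID, e.g. S-1-5-21-...-RID */
    uid_t uid;
};

/* Constructed sample table; these SIDs are illustrative, not real domain values. */
static const struct sid_map_entry sid_table[] = {
    { "S-1-5-21-1-2-3-500",  0 },      /* Administrator-style RID 500 -> root */
    { "S-1-5-21-1-2-3-1001", 1001 },
    { "S-1-5-21-1-2-3-1002", 1002 },
};
#define SID_TABLE_LEN (sizeof sid_table / sizeof sid_table[0])

/* Forward mapping: 0 and *uid filled on success, -1 with errno=ENOENT otherwise.
 * An unknown SID (deleted account, broken trust, edited SAM) is an error,
 * never a silent mapping to nobody. */
int sid_to_uid(const char *sid, uid_t *uid)
{
    for (size_t i = 0; i < SID_TABLE_LEN; i++) {
        if (strcmp(sid_table[i].sid, sid) == 0) {
            *uid = sid_table[i].uid;
            return 0;
        }
    }
    errno = ENOENT;
    return -1;
}

/* Reverse mapping with the same contract; uid -2 has no entry, so it fails. */
int uid_to_sid(uid_t uid, const char **sid)
{
    for (size_t i = 0; i < SID_TABLE_LEN; i++) {
        if (sid_table[i].uid == uid) {
            *sid = sid_table[i].sid;
            return 0;
        }
    }
    errno = ENOENT;
    return -1;
}

/* Hypothetical stat()-like operation: the file's owner is stored as a SID on
 * disk, and the whole call fails if that SID cannot be mapped. */
struct owner_stat { uid_t st_uid; };

int stat_owner_by_sid(const char *on_disk_sid, struct owner_stat *st)
{
    uid_t uid;
    if (sid_to_uid(on_disk_sid, &uid) != 0)
        return -1;   /* errno is ENOENT: caller sees a failed stat, not a bogus st_uid */
    st->st_uid = uid;
    return 0;
}

/* Consistency check over the whole table: every entry round-trips exactly
 * in both directions, which is what makes the two failure rules safe. */
int mapping_is_bijective(void)
{
    for (size_t i = 0; i < SID_TABLE_LEN; i++) {
        uid_t uid;
        const char *sid;
        if (sid_to_uid(sid_table[i].sid, &uid) != 0 || uid != sid_table[i].uid)
            return 0;
        if (uid_to_sid(sid_table[i].uid, &sid) != 0 || strcmp(sid, sid_table[i].sid) != 0)
            return 0;
    }
    return 1;
}

int main(void)
{
    struct owner_stat st;
    const char *sid;
    if (stat_owner_by_sid("S-1-5-21-1-2-3-1001", &st) == 0)
        printf("known SID -> uid %u\n", (unsigned)st.st_uid);
    if (stat_owner_by_sid("S-1-5-21-9-9-9-4242", &st) != 0)
        printf("unknown SID: stat fails, errno=%d\n", errno);
    if (uid_to_sid(NOBODY_UID, &sid) != 0)
        printf("uid -2 (nobody) has no SID: reverse mapping fails\n");
    printf("table round-trips: %d\n", mapping_is_bijective());
    return 0;
}
```

The point of the wrapper is that the error surfaces at the file operation, so a caller never sees a plausible-looking `st_uid` for an object whose owner the system cannot actually name.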
