VFS Implementation and user authentication
Luke Kenneth Casson Leighton
lkcl at samba.org
Mon Sep 18 04:20:18 GMT 2000
> But I so would like it if Unix systems supported SIDs or something like
> that. It would make mergers easier (I'm on my 6th bank merger now).
that _is_ technically possible. i talked to steven tweedie and alan cox
at ukuug 2000.
apparently, both the linux nfs server _and_ the coda filesystem have
callbacks from kernel-space to user-space on certain functions.
e.g open(), rename(), unlink(), mkdir(), rmdir().
in this way, the interpretation of security can be performed. in
user-space, the security blob will need to be obtained, a call to SURS
will be required, as will a call to se_access_check() for the type of
operation being carried out.
More information about the samba-technical