FW: Speed comp. TNG & 2.2.alpha (fwd)
Cole, Timothy D.
timothy_d_cole at md.northgrum.com
Wed Feb 28 15:39:22 GMT 2001
> -----Original Message-----
> From: Peter Samuelson [SMTP:peter at cadcamlab.org]
> Sent: Tuesday, February 27, 2001 21:16
> To: Steve Langasek
> Cc: Andrew Bartlett; Luke Kenneth Casson Leighton; Multiple recipients
> of list; Samba NT Domains Mailing List; tng-users at lists.dcerpc.org
> Subject: Re: FW: Speed comp. TNG & 2.2.alpha (fwd)
>
>
> [Steve Langasek]
> > and mangle them by appending a non-printable character to the group
> > name returned?
>
> Hmmm, interesting thought. The above is a way of "tricking" the NT
> end-user into thinking the user and group are equivalent, while not
> tricking the system -- and as such its efficacy depends on the
> like-named user and group actually being semantically equivalent, for
> human purposes.
>
> I think I sort of like Andrew's proposal better -- ignore the duplicate
> group names entirely w/r/t sending and receiving security descriptor
> information. (NT doesn't require it, since unlike Unix it doesn't
> assume that every file has a group.) If the client wants to change the
> ACL of a file to have no groups in it, you can use the default
> nobody-group ('nogroup' on my Linux box).
>
I think a more practicable approach (as NT, lacking a terminal
metaphor, doesn't really have the notion of 'non-printable' characters
(you'll get boxes/blibbets), unless you want to play some Unicode-only
games) would be to consistently prefix all unix group names with '@' by
default. It's simple, it's consistent, and I think it works.
More information about the samba-technical
mailing list