vuids & tids

[Andrew Bartlett]

> Nigel Williams wrote:
> 
> Hi,
> 
> Samba keeps a list of 'vusers' associated with vuids.  These vusers
> are stored at process scope and are not related to any cnum or tid.
> Within switch_message the vuid in each smb request is used to change
> the process's credentials before the request is processed.  This
> suggests that in situations where there is more than one session
> active over a particular tcp connection it is possible for one vuser
> to issue requests directed at a tid created for another vuser.  Has
> this been observed or does each vuser connect their own trees?

Fortunetly the become_user() function in smbd/uid.c contains the
following snippit:

	if((vuser != NULL) && !check_user_ok(conn, vuser, snum))
		return False;

Therefore the user have been able to connect to the share for access to
be granted at all, however I do understand that different vuids are able
to connect to each other's shares, after they pass this test.  

Andrew Bartlett

-- 
Andrew Bartlett
abartlet at pcug.org.au
abartlet at samba.org