vuids & tids

Gerald Carter gcarter at
Mon Jul 23 13:29:04 GMT 2001

On Sun, 22 Jul 2001, Nigel Williams wrote:

> Hi,
> Samba keeps a list of 'vusers' associated with vuids.  These vusers
> are stored at process scope and are not related to any cnum or tid.
> Within switch_message the vuid in each smb request is used to change
> the process's credentials before the request is processed.  This
> suggests that in situations where there is more than one session
> active over a particular tcp connection it is possible for one vuser
> to issue requests directed at a tid created for another vuser.  Has
> this been observed or does each vuser connect their own trees?

I have not seen a situation where on evuid attempts to use
a tid generated for another vuid on the same VC.  However,
multiple vuids on a single VC happen quite often.  The best
example is Windows TSE (without the registry setting to
break the connections out).

My experience and from the CIFS specs, the tid is unique and
contained within the context of a vuid.

> The torture program in the utils directory contains a security test
> which checks for file access over two separate VCs.  Is VC a name for
> any connection or does it relate to multiple sessions running over a
> single connection or both?

The VC should be the NetBIOS session service.

cheers, jerry
 ---------------------------------------------------------------------     VA Linux Systems      gcarter at          SAMBA Team             jerry at                           jerry at
 --"I never saved anything for the swim back." Ethan Hawk in Gattaca--

More information about the samba-technical mailing list