Better empty DACL approach

Jeremy Allison jeremy at
Wed Jun 27 17:39:49 GMT 2001

Matt Zinkevicius wrote:
> > > This is not the correct way to handle this. You don't have to waste
> memory,
> > > you should just check that the security descriptor's type contains the
> >
> > Well it isn't really wasted as it's only one byte, and the talloc
> > pool is destroyed immediately after the access check takes place.
> Hah. You're right about 1 byte. I thought it said talloc(sizeof(SEC_ACE) *
> (ace_cnt+1)) which wastes several bytes.
> > OK this looks like a better way to do it.  There may be some
> > checks in some other code that check the value of the dacl
> > pointer instead of checking for the DACL_PRESENT bit.
> Yeah there is :-) I had to fix all those places as well.

Can you please send me the patches you have for this. I'd
like to get it done (the correct way) for 2.2.1 and HEAD.



Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list