FW: Speed comp. TNG & 2.2.alpha (fwd)

Luke Kenneth Casson Leighton lkcl at samba-tng.org
Mon Mar 12 11:39:32 GMT 2001


On Mon, 5 Mar 2001, Elrond wrote:

> On Tue, Mar 06, 2001 at 12:08:50AM +1100, Luke Kenneth Casson Leighton wrote:
> [...]
> > > Of course the other way round will get interesting, what
> > > happens, if we have a file with a GID, that SURS does not
> > > known about...
> > 
> > that's a system configuration error.
> > 
> > what happens on unix when you ave a file owned by a uid or a gid that
> > isn't in /etc/passwd or /etc/group?
> > 
> > 1) ls -al shows numbers not names
> > 
> > 2) only root can change ownership of the file.
> > 
> > well, we can't do an equivalent to 1) in the "unknown" circumstances, with
> > SURS.  so throw an error: let the app deal with it [access denied].
> 
> Okay, that sounds reasonable, somewhat.
> 
> Bad, there's no "nobody"-SID on NT...

they have the concept of guest account.

enabling the guest account allows users without accounts to log in and
become the guest, even without a password.  a bit like "map username" but
on a smaller scale.

adding a password to the guest account requires that anyone can log in as
any username but they must know the guest password.  they become guest,
regardless of username they type in.
 
> (For ACLs, we can simply "ignore" unknown GIDs/UIDs, but
> for owner/group of a file, we can't. I guess, NT wont like
> it, if it requests that info and we return a NULL-ptr in
> the SD, or will it like that?)

a NULL-ptr SD means "full permissions, including the right to take
ownership"!

:) :)

 ----- Luke Kenneth Casson Leighton <lkcl at samba-tng.org> -----

"i want a world of dreams, run by near-sighted visionaries"
"good.  that's them sorted out.  now, on _this_ world..."





More information about the samba-technical mailing list