Can Any one give me some design documents of samba.

Mayers, Philip J p.mayers at
Fri Mar 30 09:12:29 GMT 2001


But in Unix *everything* is a file (except shared memory, which is gross,
and some of the newer multithreading objects). It's an incredibly versatile
metaphor, and the rwx permissions work very well on that model.

The Unix way of doing access to COM objects would be via a FIFO I suspect,
which can exist in the filesystem and therefore be protected by ACLs.
Delegation could be done either by passing credentials (like a Kerberos
ticket) or in-kernel Unix credentials in the case of a kernel that supports
uid/gid passing across FIFOs

NT however has at least 10 different kinds of objects (that I can think off
offhand) and their ACLs stem from that background. I'm not saying either
model is better or worse, just pointing out the whys.



| Phil Mayers, Network Support     |
| Centre for Computing Services    |
| Imperial College                 |

-----Original Message-----
From: Matt Zinkevicius [mailto:mattzink at]
Sent: 30 March 2001 08:53
To: Jeremy Allison
Cc: Richard Sharpe; Karthikeyan; 
Subject: Re: Can Any one give me some design documents of samba.

I disagree. POSIX ACL's were designed for files. NT ACL's were designed for
objects. It's only that we are looking at NT ACL's from a storage-centric
viewpoint that we see them as overdesigned. Can you imagine POSIX ACL's
being used to gate access on COM objects? Probably not :-)

More information about the samba-technical mailing list