Can Any one give me some design documents of samba.

Jeremy Allison jeremy at
Fri Mar 30 09:28:32 GMT 2001

On Fri, Mar 30, 2001 at 10:12:29AM +0100, Mayers, Philip J wrote:
> <offtopic>
> But in Unix *everything* is a file (except shared memory, which is gross,

Only sysV shared memory. mmap is fine as a file :-).

> The Unix way of doing access to COM objects would be via a FIFO I suspect,
> which can exist in the filesystem and therefore be protected by ACLs.
> Delegation could be done either by passing credentials (like a Kerberos
> ticket) or in-kernel Unix credentials in the case of a kernel that supports
> uid/gid passing across FIFOs
> NT however has at least 10 different kinds of objects (that I can think off
> offhand) and their ACLs stem from that background. I'm not saying either
> model is better or worse, just pointing out the whys.

But NT has no decent tools to manage the ACLS on these
objects. Only the ACL editor, which actually hides most
of the flexibility of the underlying ACL system and dumbs
it down enough that people only get "very confused" instead
of "hopelessly confused" :-). Until W2K there was no way 
to even *display* a "DENY" entry correctly in the ACL editor. So
what was the point of having them ?

I'm sorry. Having worked with NT ACLs for over 5 years now,
and having to write the POSIX ACL mapping have left me with
deep psychological scars (and the odd twitch :-) when talking
about the NT ACL design :-) :-).


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list