CVS update: samba/source/rpc_server
abartlet at pcug.org.au
Fri Nov 9 17:02:04 GMT 2001
Jeremy Allison wrote:
> On Sat, Nov 10, 2001 at 10:54:39AM +1100, Andrew Bartlett wrote:
> > By this point it should be clearer why keeping the 'have vuid' case
> > should be kept simple - particularly given the security issues with the
> > current code. (Users of NT4 terminal server are advised to always use
> > the registry hack to permit multiple connections to samba, for both
> > performance and security reasons).
> Performance reasons only. Multi-user NT boxes switch vuid and do
> multiple session setups when multiple users access the shares.
> There are no security holes known with mutli-user NT/Citrix and
But they don't do multiple tree connects do they?
The problem is that the user_ok() code at present doesn't consider the
guest user case.
(or the NT ACL in tdb for that matter)
Andrew Bartlett abartlet at pcug.org.au
Samba Team member, Build Farm maintainer abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical