CVS update: tng/source/samrd

Luke Kenneth Casson Leighton lkcl at samba-tng.org
Thu Apr 25 12:25:02 GMT 2002


:)

i went through three versions of samrtdbd.

the second revision is probably the one with
the most chance.

after that, i added tdbsec.c, which was andrew's idea.

basically whatever the key was you also added a
"security" key with a prefix of "SEC_".

then the idea was that you pass in three higher
order functions - tdbsec_set, tdbsec_get, tdbsec_check.

then you do tdbsec_xxxx() which call into these
three higher order functions as appropriate to
verify read, write, enumerate and delete operations,
as necessary.

in this way the security is stored in the same tdb
as the data.

if you want to cause problems for such a tdbsec, you
use, directly, tdb_read(), tdb_write() etc. to bypass
the security.

so that has to be explicitly disallowed and protected.

l.

p.s. has anyone considered putting in an encryption /
compression redirection layer - i.e. libratising tdb
such that its read, write, open and close operations
are passed in as higher-order functions?

p.p.s. has anyone considered LGPLing or BSDing tdb
such that apache and other open source projects can use it?

On Thu, Apr 25, 2002 at 01:49:49AM +0200, Elrond wrote:
> 
> Date:	Thursday April 25, 2002 @ 1:49
> Author:	elrond
> 
> Update of /home/cvsroot/dcerpc/tng/source/samrd
> In directory angua:/home/elrond/build/tng/source/samrd
> 
> Modified Files:
> 	srv_samr_dom_tdb.c srv_samr_usr_tdb.c 
> Log Message:
> Some mini changes to get samrtdbd a little more to compile.
> samrtdbd isn't really supported, but I don't know exactly,
> why I occasionaly fix it a little... maybe "in respect of
> Luke's work"?
> 
> 
> 

-- 
----------------------------------------------------------
this message is private, confidential, and is intented for
the specified recipients only.  if you received, altered,
deleted, modified, destroyed or interfered with the
contents of this message, in whole or in part, please
inform the sender (that's me), immediately.

if you, the recipient, reply to this message, and do not
then receive a response, please consider your reply to have
been lost or deliberately destroyed: i *always* acknowledge
personal email received.  please therefore take appropriate
action to ensure effective communication.

thank you.





More information about the samba-technical mailing list