dynamically loadable named pipe providers

Volker.Lendecke at SerNet.DE Volker.Lendecke at SerNet.DE
Thu Dec 12 11:09:00 GMT 2002


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> Our (revised) funnel now works fairly closely to the TNG model, in
> which a domain socket is opened to the RPC server and the security
> context is passed as a preamble to the first RPC PDU. (Of course,
> our security context token probably doesn't look the same as the
> TNG one.)

This way you would have a lot less GPL problems :-)

If I remember correctly our idea had been a bit different. The idea
was to load dynamic objects into the main smbd. All dynamic objects
would reside in a special directory. A pipe is to be opened, smbd
looks into a table of already loaded objects. If it's not loaded a
libpipe_lsass.so (or so) is looked for and loaded on demand. This way
the security issues look a lot simpler.

Volker

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (GNU/Linux)
Comment: Key-ID D32186CF, Fingerprint available: phone +49 551 3700000

iD8DBQE9+G6QOmSXH9Mhhs8RAiRtAJ9vx6msYXZYKyxxKdqZ+NY8rRD5TgCgkXAB
MCkQ1DwWfQY4GC7SKOZD8Zs=
=JR+r
-----END PGP SIGNATURE-----



More information about the samba-technical mailing list