More proposed passdb changes: users without local unix uids.
Andrew Bartlett
abartlet at pcug.org.au
Tue Jan 8 14:33:30 GMT 2002
Jeremy Allison wrote:
>
> On Tue, Jan 08, 2002 at 05:12:02PM +1100, Andrew Bartlett wrote:
> > Of course the uid field never makes it to the SAM_ACCOUNT struct, but
> > this method is backward-compatible (as far as I can tell) because the
> > smbpasswd format is unchanged (unless you are a site with over 6000
> > users in smbpasswd, and I highly doubt there are any, given the
> > performance problems).
>
> I'm concerned about this. The reason is that on many
> sites the users are not allocated in a linear fashion.
>
> You can't just assume that users over 6000 are "safe".
>
> I'd resist creating users in smbpasswd that don't exist
> in /etc/passwd. Please don't check this code in yet.
In light of these comments and JF's I'll be making the test 'uid >= 6000
&& !getpwnam(name)'. But as you note in your next e-mail, I've promised
not to touch anything yet...
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list