More proposed passdb changes: users without local unix uids.

Andrew Bartlett abartlet at pcug.org.au
Tue Jan 8 14:33:30 GMT 2002


Jeremy Allison wrote:
> 
> On Tue, Jan 08, 2002 at 05:12:02PM +1100, Andrew Bartlett wrote:

> > Of course the uid field never makes it to the SAM_ACCOUNT struct, but
> > this method is backward-compatible (as far as I can tell) because the
> > smbpasswd format is unchanged (unless you are a site with over 6000
> > users in smbpasswd, and I highly doubt there are any, given the
> > performance problems).
> 
> I'm concerned about this. The reason is that on many
> sites the users are not allocated in a linear fashion.
> 
> You can't just assume that users over 6000 are "safe".
> 
> I'd resist creating users in smbpasswd that don't exist
> in /etc/passwd. Please don't check this code in yet.

In light of these comments and JF's I'll be making the test 'uid >= 6000
&& !getpwnam(name)'.  But as you note in your next e-mail, I've promised
not to touch anything yet...

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net




More information about the samba-technical mailing list