outsourcing DCE/RPC to alternate programs - runtime
config option
Luke Kenneth Casson Leighton
lkcl at lkcl.net
Sun Dec 12 12:27:34 GMT 2004
On Sun, Dec 12, 2004 at 10:57:27AM +1100, tridge at samba.org wrote:
> Michael,
>
> > We are using ncacn_ip_tcp. Does Samba 4 have an IDL compiler that is
> > compatable with DCE? If so the RPC portion of the Samba product could be
> > very useful to ourselves and many others. Thanks.
>
> The IDL compiler in Samba4 (called "pidl") is not completely
> compatible with the DCE compiler.
andrew's comments clearly state that the pidl compiler is a developing
project.
what andrew hasn't said is that the back-end which handles
the marshalling and unmarshalling is far less likely to suffer
from buffer over-runs - if i know andrew at all.
whilst the FreeDCE / DCE 1.1 and DCE 1.2.2 code is
near-feature-complete, it is also written at a time where,
historically, things like buffer overruns where of far less
concern.
consequently, anyone who is intending to deploy freedce, dce 1.1 or dce
1.2.2 code should be aware that it's possible for it to be attacked and
cause much mayhem.
luke howard has worked on FreeDCE to mitigate against buffer overruns.
so, most likely, have IBM, in their version DCE 3.
so, most likely, has everyone else who has independently fixed the
problem and then and selfishly kept the code to themselves
*grumble* *bitch, bitch* see
http://www.catb.org/~esr/writings/cathedral-bazaar/magic-cauldron/
l.
More information about the samba-technical
mailing list