outsourcing DCE/RPC to alternate programs - runtime config option

Luke Kenneth Casson Leighton lkcl at lkcl.net
Sun Dec 12 12:27:34 GMT 2004


On Sun, Dec 12, 2004 at 10:57:27AM +1100, tridge at samba.org wrote:

> Michael,
> 
>  > We are using ncacn_ip_tcp.  Does Samba 4 have an IDL compiler that is
>  > compatable with DCE?  If so the RPC portion of the Samba product could be
>  > very useful to ourselves and many others.  Thanks.
> 
> The IDL compiler in Samba4 (called "pidl") is not completely
> compatible with the DCE compiler. 

 andrew's comments clearly state that the pidl compiler is a developing
 project.

 what andrew hasn't said is that the back-end which handles
 the marshalling and unmarshalling is far less likely to suffer
 from buffer over-runs - if i know andrew at all.

 whilst the FreeDCE / DCE 1.1 and DCE 1.2.2 code is
 near-feature-complete, it is also written at a time where,
 historically, things like buffer overruns where of far less
 concern.

 consequently, anyone who is intending to deploy freedce, dce 1.1 or dce
 1.2.2 code should be aware that it's possible for it to be attacked and
 cause much mayhem.

 luke howard has worked on FreeDCE to mitigate against buffer overruns.

 so, most likely, have IBM, in their version DCE 3.

 so, most likely, has everyone else who has independently fixed the
 problem and then and selfishly kept the code to themselves
 *grumble* *bitch, bitch* see
 http://www.catb.org/~esr/writings/cathedral-bazaar/magic-cauldron/

 l.



More information about the samba-technical mailing list