Smb multi-sessions, samba3.0.2pre1

Andrew Bartlett abartlet at samba.org
Tue Jan 20 12:32:27 GMT 2004


On Tue, 2004-01-20 at 22:25, Jianliang Lu wrote:
> > On Tue, 2004-01-20 at 20:27, Jianliang Lu wrote:
> > NT does not have the concept to 'force user'.  When we act on 'force
> > user', I ensure that the second VUID (smb_uid) cannot access that share,
> > as they will not have passed the access control tests.  Perhaps this
> > could be looked at again.
> > 
> > > That I'd like to avoid is to set the user's uid = 0, it is so ugly. We 
> > > should use "admin users" instead until we have not implemented the 
> > > "user privileges". Any patch to set euid=0 looking at not only the 
> > > conn->uid but also the smb_uid?
> > 
> > This is what our standard behaviour is.
> > 
> > Andrew Bartlett
> > 
> 
> I think that we should perform the access check using the uid (smb_uid), not 
> the Tid to admin_users. Following is the description from SNIA's "CIFS 1.0", 
> page 22:

Admin users is a special case, because admin users is a *per share*
option.  Therefore, like 'force user =', we must honour it in a secure
way, per-share.  

>  3.2.6 Uid Field
>   Uid is a reference number assigned by the server after a user authenticates 
>   to it, and that it will associate with that user until client requests the
>   association be broken. ... Requests that do authorization, such as open
>   requests, will perform access checks using the identity associated with the
>   Uid.

And when we are not playing samba-specific hacks, and are not in
'security=share', this is what we do.

> So if we want to grant the root privilege to a user (set euid=0) we should  
> associate it with the Uid, not the Tid. Now Samba does "set_admin_user" in 
> function "make_connection_snum" with conn->admin, which implies that we 
> should check the Tid to have certain privileges. I suppose it may be more 
> correct to do the "set_admin_user" in "change_to_user", checking the vuid 
> in "admin users".

Indeed, if admin users were a global parameter.  People (for some
reason) want to give users root on only one share, hence this parameter's
existence.  

Andrew Bartlett

-- 
Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net
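A toy model of the two identity checks argued over in this thread, added here as an illustration; it is not Samba code, and the names Server, Share, effective_identity and admin_by_vuid_only are invented for the example. A session (vuid) carries the authenticated user, a tree connect (tid) binds one session to one share, and 'admin users' / 'force user' are per-share settings. The model shows why a per-share option has to be honoured per share: deciding admin status from the vuid alone has no single answer, and the only global reading ("admin on any share") grants root on shares where the option was never set.

```python
"""Constructed model of SMB vuid/tid identity checks (not Samba's code)."""
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Share:
    name: str
    admin_users: frozenset = frozenset()   # like smb.conf 'admin users =' (per share)
    force_user: Optional[str] = None       # like smb.conf 'force user =' (per share)


@dataclass
class Session:
    vuid: int          # assigned at session setup, identifies the authenticated user
    username: str


@dataclass
class TreeConnect:
    tid: int
    share: Share
    vuid: int          # the session that made this tree connect


class Server:
    """Minimal bookkeeping of sessions and tree connects on one SMB connection."""

    def __init__(self, shares: List[Share]) -> None:
        self.shares: Dict[str, Share] = {s.name: s for s in shares}
        self.sessions: Dict[int, Session] = {}
        self.tcons: Dict[int, TreeConnect] = {}
        self._next_vuid = 100
        self._next_tid = 1

    def session_setup(self, username: str) -> int:
        vuid, self._next_vuid = self._next_vuid, self._next_vuid + 1
        self.sessions[vuid] = Session(vuid, username)
        return vuid

    def tree_connect(self, vuid: int, share_name: str) -> int:
        tid, self._next_tid = self._next_tid, self._next_tid + 1
        self.tcons[tid] = TreeConnect(tid, self.shares[share_name], vuid)
        return tid

    def effective_identity(self, vuid: int, tid: int) -> Tuple[str, bool]:
        """Identity a request on (vuid, tid) runs as: (username, is_admin).

        The request is authorized as the user behind the Uid, but the
        per-share options are taken from the share behind the Tid.
        """
        sess = self.sessions.get(vuid)
        tcon = self.tcons.get(tid)
        if sess is None or tcon is None:
            raise PermissionError("unknown vuid or tid")
        share = tcon.share
        if share.force_user is not None:
            # 'force user': only the session that passed the share's access
            # checks at tree connect time may use this tid; a second vuid
            # on the same tid is refused.
            if tcon.vuid != vuid:
                raise PermissionError("force user share: vuid did not pass access control")
            return share.force_user, False
        return sess.username, sess.username in share.admin_users


def admin_by_vuid_only(server: Server, vuid: int) -> bool:
    """The alternative from the thread: decide admin status from the vuid alone.

    With a per-share 'admin users' there is no single answer, so the only
    global reading is 'admin on any share', which over-grants.
    """
    user = server.sessions[vuid].username
    return any(user in s.admin_users for s in server.shares.values())


def demo() -> dict:
    """Constructed scenario: alice is an admin user on 'projects' only."""
    srv = Server([
        Share("projects", admin_users=frozenset({"alice"})),
        Share("home"),
        Share("public", force_user="nobody"),
    ])
    alice = srv.session_setup("alice")
    bob = srv.session_setup("bob")              # second session on the same connection
    t_projects = srv.tree_connect(alice, "projects")
    t_home = srv.tree_connect(alice, "home")
    t_public = srv.tree_connect(alice, "public")
    results = {
        "alice@projects": srv.effective_identity(alice, t_projects),   # ("alice", True)
        "alice@home": srv.effective_identity(alice, t_home),           # ("alice", False)
        "alice@public": srv.effective_identity(alice, t_public),       # ("nobody", False)
        "global_by_vuid": admin_by_vuid_only(srv, alice),              # True: root on every share
    }
    try:
        srv.effective_identity(bob, t_public)    # bob reusing alice's force-user tid
        results["bob@public"] = "allowed"
    except PermissionError:
        results["bob@public"] = "refused"
    return results


if __name__ == "__main__":
    for k, v in demo().items():
        print(k, v)
```

The contrast is in the two "alice" lines: per-share evaluation makes alice root on `projects` and an ordinary user on `home`, while the vuid-only check would make her root on both, which is the behaviour the reply says people explicitly do not want.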