svn commit: lorikeet r406 - in trunk/ntacl-lsm: .
Stefan (metze) Metzmacher
metze at samba.org
Fri Aug 12 16:22:01 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Tim Potter schrieb:
> On Thu, 2005-08-11 at 12:59 +0000, metze at samba.org wrote:
>
>>Author: metze
>>Date: 2005-08-11 12:59:14 +0000 (Thu, 11 Aug 2005)
>>New Revision: 406
>>
>>WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=lorikeet&rev=406
>>
>>Log:
>>I got the basic infrastructure for setting the nttoken working
>>it currently uses just strings, but I'll pass an ndr_encoded
>>struct security_token as next step
>>
>>metze
>>Modified:
>> trunk/ntacl-lsm/main.c
>
>
> Nice one! I still think it's better to keep the interface text-based
> though. Will the kernel guys even go for a binary interface? There
> might be a lot of opposition.
I think for configuration stuff you're right, that should be under /sys/security/*
and have text based interfaces, but for setting the security token, it's much easier
to use a ndr blob, as we get it for free, and it should not be used by scripts
or by someone on the commandline only by the current task, to set its own attributes.
I'll add a libntacl-lsm.so that provide a call,
ntacl_get_security_token()
ntacl_set_security_token()
and command line tools testing.
- --
metze
Stefan Metzmacher <metze at samba.org> www.samba.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows XP)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFC/Mynm70gjA5TCD8RAmlRAJ9gZ84zKxqEchmfMx40fEXV5VceNACg0PsB
tePov+siHdHyfymy76J0leo=
=oW0z
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list