Samba - CPU and memory usage - Proposed solution(?)

Andrew Bartlett abartlet at samba.org
Mon Jan 24 09:31:03 GMT 2005 

On Mon, 2005-01-24 at 09:21 +0200, Nikos Balkanas wrote:
> Andy (Bartlett):
> 
> > Niko:
> 
> >> Thanks for the fast reply. I don't know why, your reply reached me as an
> >> attachment.
> 
> >This is due to the use of PGP/MIME. Some mail programs show this
> >incorrectly as an attachment.
> 
> Would it be possible to disable it? I am using Oulook express and it creates
> me a lot of problems. I have to copy each message by hand, line by line.

Yes, it appears that some versions of Outlook Express cause problems
with this Internet standard.  I can highly recommend Mozilla
Thunderbird. :-)

> [...snip...]
> >> Can one also disable browsing and wildcard matching per directory? If
> >> this is not done, security is compromised. Furthermore, only half the
> >> performance boost is realized, since any time a CRM agent will try to
> >> save a bill to his own PC, Windows opens as default saving directory
> >> the source directory, killing the server in the process (and the PC).
> 
> >This is the usual application of removing the 'read' bit from the unix
> >permissions on a directory. I'm not sure how well Samba works on this,
> >but it would be a really good goal, as it should be about the same as
> >the 'case sensitive = yes' path.
> 
> No. The application (client for samba) still has to have full
> write/modify/delete on files.

That is tied to the write permission on the directory (delete) and on
the files.  You should be able to do both without read permission.

> [...snip...]
> >> The changes I have done result to a somehow "illegal" filesystem. If you
> >> do a "dir" or open a window on it, they both come up empty and return
> >> immediately. If, however, you do a "dir filename.txt" and the file
> >> exists, it will be displayed - only that file. Siebel has a very
> >> machinelike naming of the files, so little chance an average CRM
> >> user can guess it - unless has access to the database. This is not much,
> >> but guards against accidental deletion and is as much security as
> >> can be given from the filesystem - anything more must be given through
> >> the application.
> 
> > I actually have a similar problem at my site, so I'm interested in
> > seeing if we can make this work.
> 
> Well, as I mentioned this is done in my patch and already working for ~1 yr
> without a hitch. Catch: it is based on 2.2.22. Do you want it?

I'm no longer deeply involved in Samba 3.0 development.  I'm hoping that
jra might be able to pick up on this thread, and fix any outstanding
issues.

Andrew Bartlett

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org
Student Network Administrator, Hawker College  http://hawkerc.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.samba.org/archive/samba-technical/attachments/20050124/0b8b9369/attachment.bin

More information about the samba-technical mailing list