Dynamic groups (was Samba and groups > 16)
Gerald (Jerry) Carter
jerry at samba.org
Mon Mar 7 21:25:51 GMT 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
David Collier-Brown wrote:
| Volker Lendecke wrote:
|> The only real way around this is a
|> user-space implementation of NT acls, but then you lose the unix
|> interoperability.
|
| If groups and wimpy Unix permission bits work now, why would you
| need full NT ACLs? Would not ordinary POSIX ones suffice???
Volker's saying that unless we go to userspace access
checks using the full NT_USER_TOKEN (which is not limited
by the OS), you are out of luck. If we went this way, we might as well
make everything on the file system owned as root and store
in the real NT ACL in EAs.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFCLMbfIR7qMdg1EfYRAla5AKCuebzk2ZOm9xMfkAXRpxfyMTePCQCZAWyw
xoD59ageXZdSHLsgUrj+BAw=
=GEGo
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list