New approach to "valid users" fix
idra at samba.org
Sat Aug 12 19:42:34 GMT 2006
On Sat, 2006-08-12 at 13:56 -0500, Gerald (Jerry) Carter wrote:
> It's a pretty big bug actually if you copy files from
> the Samba box to a local NTFS partition on a Windows
> client. We'll have to fix this, but I need to think
> about it some.
I think that part of the problem is that we don't let idmap do it's work
alone, but often we check for idmap ranges outside of idmap instead of
just trusting what idmap does.
I think that idmap ranges should be checked only inside idmap by the
modules that really depends on them, and let the user decide whether to
enforce them or not (or perhaps use them as filters) for modules that do
not control the mappings (or potentially don't) like idmap_ad and
We can probably not get as far as changing this for idmap_ad/idmap_ldap
in 3.0.23c, but we can probably remove some of the checks that are done
in wrong places like these:
But in the end this is probably matter for 3.0.24.
Samba Team GPL Compliance Officer
email: idra at samba.org
More information about the samba-technical