svn commit: samba r16123 - in branches/SAMBA_4_0/source/torture/rpc: .

Volker Lendecke Volker.Lendecke at SerNet.DE
Sat Jun 10 09:59:07 GMT 2006

On Fri, Jun 09, 2006 at 09:13:29AM -0700, Andrew Bartlett wrote:
> > Samba3 in the buildfarm will happily create (faked(!!))
> > users anonymously. Disable that test for now.
> On the build farm, all connections come in as == sec_initial_uid, also
> the owner of smbpasswd because the whole thing runs as non-root.  

Sure, but relying on being root works but might be called
a design flaw. Proper security descriptors on the SAM and
all checks in all operations should be much better. We have
a couple of different ways in Samba3 (uid==0, check for
initial_uid, user being local admin etc) to check if a
privileged operation is allowed. This needs consolidation.
And when we are there, even in the build farm it should be
possible to reject create_user with a more fine-grained

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url :

More information about the samba-technical mailing list