[SCM] Samba Shared Repository - branch v3-0-test updated - release-3-0-28-24-geaaf5c7

Jeremy Allison jra at samba.org
Thu Dec 13 06:55:57 GMT 2007

On Thu, Dec 13, 2007 at 07:44:50AM +0100, Volker Lendecke wrote:
> On Wed, Dec 12, 2007 at 08:07:43PM -0600, Jeremy Allison wrote:
> >     Only add the non-root escape on !developer.
> >     Jeremy.
> What's the point of this change? I think this whole
> getuid()!=0 check is really bogus, we should rely on unix
> permissions and warn appropriately if something did not
> work due to EACCES.
> Can we get rid of those checks?

The problem is get_global_sam_sid() smb panic's
if it fails, and it always fails when run as non-root.

ie. bin/smbpasswd -L will immediately core-dump.

This is a bad thing :-). But we want the server to
do this if it fails, so these nasty checks are to
prevent a few client tools getting to get_global_sam_sid()
when not run as root.

It's ugly, but we can live with it I think.


More information about the samba-technical mailing list