Sidebar re Samba, CIFS and mkfifo
Alexander Bokovoy
ab at samba.org
Sat Jan 27 09:38:09 GMT 2007
David Collier-Brown пишет:
> On Fri, 2007-01-26 at 10:35 -0800, Jeremy Allison wrote:
>> Yes, this is correct. Steve's code by default does only one
>> sessionsetupX call which gives only one vuid (virtual uid). All
>> accesses to that share will be done as that user.
>
> Anders Karlsson wrote:
>>> ... the Samba server will (in future) _only_ use the uid/gid
>>> supplied when initiating the session?
>>
>> Not "in future" - currently and by design. Remember, we don't allow
>> arbitrary uid changes on a CIFS connection
>
> Am I correct in thinking that if one wrote a cifs client which
> understood a cloud of users, it could in principle change vuids to
> deliver access as the appropriate user, rather like a citrix server?
>
Yes. We discussed this with Steve last SambaXP and later decided to use
per-process keying infrastructure Linux kernel provides (user-space is
in keyutils package). It is not implemented yet but practically we can
make something which does it through request-key/keyctl or via
fabricating mount requests (not mounting but adding keys to existing mount).
--
/ Alexander Bokovoy
More information about the samba-technical
mailing list