ACL check in elog_check_access?
Gerald (Jerry) Carter
jerry at samba.org
Wed Jun 18 14:22:48 GMT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Volker Lendecke wrote:
> Hi, Jerry!
>
> While looking at ACLs again I came across
> elog_check_access() as the only caller of
> get_nt_acl_no_snum(). If I get it right (I'm not sure about
> that...) then this code does a user-space access check (look
> at elog_open) after having opened a tdb file with
> become_root(). Question: Why? Wouldn't it be possible to
> just open as the authenticated pipe user and rely on the
> kernel to do the access checks?
- From comment in elog_open()
/* Open the tdb first (so that we can create any new tdbs if necessary).
We have to do this as root and then use an internal access check
on the file permissions since you can only have a tdb open once
in a single process */
become_root();
elog->etdb = elog_open_tdb( elog->logname, False );
unbecome_root();
A client may have multiple open handles and in some cases
multiple users may open the event log so opening as root and
maintaining a ref count was the only way I could thing of to
service multiple access lvls concurrently in the same process.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFIWRo4IR7qMdg1EfYRAluCAKDtAtaB0BeToMSsarddeBjM9qBcjgCg6x7g
Iy7t7haPpi4rgTTt/ilh1FA=
=09qZ
-----END PGP SIGNATURE-----
More information about the samba-technical
mailing list