ACL check in elog_check_access?

Volker Lendecke Volker.Lendecke at SerNet.DE
Wed Jun 18 16:48:46 GMT 2008


On Wed, Jun 18, 2008 at 12:33:30PM -0400, Scott Lovenberg wrote:
> Just wondering, are you talking about the 3.2 code base that you were 
> moving the ACLs to kernel space, or are you referring to the 3.0 
> branch?  I was looking at this a while ago, it's a code section that 
> interests me and I was thinking about doing a bit of work on the 3.2 
> kernel space ACL stuff.  This sounds like a good place for me to start 
> grokking the code if it's the 3.2 branch.

I'm looking at 3.2. And -- I never suggested to move the NT
acls to kernel space.

What I have suggested and which I would definitely like to
see as a completely optional separate thing is doing *all*
acl checks in user space. This would make the become_root()
calls to open the tdb files unnecessary, because all files
would belong to some Samba user or even root, Samba would
always run as root. Again: This would be a non-default
special way of running Samba.

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080618/f2c8c943/attachment.bin


More information about the samba-technical mailing list