[SCM] Samba Shared Repository - branch master updated - release-4-0-0alpha8-337-g73e9693
Volker Lendecke
Volker.Lendecke at SerNet.DE
Wed Aug 5 02:57:27 MDT 2009
On Wed, Aug 05, 2009 at 03:47:22PM +0800, boyang wrote:
> My solution here is that:
> The reload of usershare is necessary when changes of usershare
> happen. For every open file operation, we must check it against file
> permission as well as share permission. And when check it against share
> permission, we *must not* use cache(the vuid_cache), we must perform a
> access check from startup, ignoring any existing cache. I am wrong to
> touch the already opened fsps.
> For shares deleted, we should disconnect all connections connected
> to this share/tree...
Ok, *that* I can believe. Thanks for doing those tests!
So what we need is a security descriptor attached to
connection_struct that we can quickly test against in
create_file. This security descriptor should be updated on
demand. I'd like to see a message type that can be sent to
smbd's to update the secdesc for specific shares. We can
then later decide how this is exactly being sent.
Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: Digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20090805/624d30cf/attachment.pgp>
More information about the samba-technical
mailing list