Changing back to per-thread credentials on Linux (fixing native AIO).

J. Bruce Fields bfields at
Mon Jul 2 14:08:43 MDT 2012

On Mon, Jul 02, 2012 at 09:10:39AM -0400, simo wrote:
> On Mon, 2012-07-02 at 14:36 +0200, Volker Lendecke wrote: 
> > Long story short: Anything beyond standard, documented
> > behaviour is just not supported or actively blocked by
> > glibc. Without official blessing by glibc I see the
> > syscall() workaround just in the same place.
> > 
> > Try googling for anything around glibc linux per-thread
> > credentials, and you end up at in this
> > thread. That should tell you something.
> I think the only thing it says is that only user space file servers care
> about this feature so badly,

Even if only Samba cares about it, Samba's an important project.  (And
maybe Ganesha will be too.)

And is it really only NFS/SMB servers?  E.g. doesn't Apache have these
sorts of problems too?

> and only those that still insist in letting
> thee kernel enforce permissions (which is a *good* thing).


> Practically only samba has dared trying to really solve this problem, we
> know other people took the easy(?) route and simply re-implemented
> access control in user space (which I think is a terrible idea for
> anything general purpose, but probably ok for an embedded product).
> Simo.
> -- 
> Simo Sorce
> Samba Team GPL Compliance Officer <simo at>
> Principal Software Engineer at Red Hat, Inc. <simo at>

More information about the samba-technical mailing list